ce471df96966d75b44262c3a06f364641030fc6c618f2c6c694d366a3c970317 | Triage

Sharing

General

Target

ce471df96966d75b44262c3a06f364641030fc6c618f2c6c694d366a3c970317
Size

200KB
Sample

221203-p2gwrseh8s
MD5

f9207876312c98414955668105185073
SHA1

761980d1d229e2fefd0cdd4127962760c6a55e7f
SHA256

ce471df96966d75b44262c3a06f364641030fc6c618f2c6c694d366a3c970317
SHA512

ee47aad746c923da1bbb645ec226528f00c917113ed2071f601982caa925e65d1d45a669a7ca1bdfc783f3ada083d479e84913ecf8852b45fb258b43c145e3dd
SSDEEP

3072:cqzn6/HBq3qAdGhS4k5p5pU4T4B+jca8Wz/9DMFIW925pOLA/hmqVvTVLC4HTkwn:cqz+Bq3qnop535+Wzmw5pSqpheLwe2

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  ce471df96966d75b44262c3a06f364641030fc6c618f2c6c694d366a3c970317
- Size
  
  200KB
- MD5
  
  f9207876312c98414955668105185073
- SHA1
  
  761980d1d229e2fefd0cdd4127962760c6a55e7f
- SHA256
  
  ce471df96966d75b44262c3a06f364641030fc6c618f2c6c694d366a3c970317
- SHA512
  
  ee47aad746c923da1bbb645ec226528f00c917113ed2071f601982caa925e65d1d45a669a7ca1bdfc783f3ada083d479e84913ecf8852b45fb258b43c145e3dd
- SSDEEP
  
  3072:cqzn6/HBq3qAdGhS4k5p5pU4T4B+jca8Wz/9DMFIW925pOLA/hmqVvTVLC4HTkwn:cqz+Bq3qnop535+Wzmw5pSqpheLwe2
Score

10^/10

evasion persistence
- Modifies system executable filetype association
  persistence
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2