cf6ea54d9b6823892e873a50efb65a1dba531a30ec58c40a992ecac703ad8712 | Triage

Sharing

General

Target

cf6ea54d9b6823892e873a50efb65a1dba531a30ec58c40a992ecac703ad8712
Size

460KB
Sample

221203-pxnthsee5s
MD5

30e47147d097696e2d69e56132433a9f
SHA1

70a3e1c9ae7e3a56743fa0b3c5edc8ed2264cce5
SHA256

cf6ea54d9b6823892e873a50efb65a1dba531a30ec58c40a992ecac703ad8712
SHA512

ac051d814f128fcb27e3fb1439b019b155be90b639ce73e51973c2f6fd2884806f26ab1b39c341d6cf5ea84d387069ba02db893ca9df7e302ebcc8a7b841760e
SSDEEP

12288:ppLCnVtGQ6vRSDB4fkCmHQrBecfKZIa/N:8ofHQaVfKZIMN

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  cf6ea54d9b6823892e873a50efb65a1dba531a30ec58c40a992ecac703ad8712
- Size
  
  460KB
- MD5
  
  30e47147d097696e2d69e56132433a9f
- SHA1
  
  70a3e1c9ae7e3a56743fa0b3c5edc8ed2264cce5
- SHA256
  
  cf6ea54d9b6823892e873a50efb65a1dba531a30ec58c40a992ecac703ad8712
- SHA512
  
  ac051d814f128fcb27e3fb1439b019b155be90b639ce73e51973c2f6fd2884806f26ab1b39c341d6cf5ea84d387069ba02db893ca9df7e302ebcc8a7b841760e
- SSDEEP
  
  12288:ppLCnVtGQ6vRSDB4fkCmHQrBecfKZIa/N:8ofHQaVfKZIMN
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2