a7ee5dde48237fcd50d2d63a92b6292ddfc8a3d893d5f271851e305733f3e150 | Triage

Sharing

General

Target

a7ee5dde48237fcd50d2d63a92b6292ddfc8a3d893d5f271851e305733f3e150
Size

23KB
Sample

221203-tbwz8ahc6s
MD5

6bfdbed791d7d3f5d0bd100b749760e4
SHA1

1f104538ff4d55c0393a0cdd2cee7f33134614bd
SHA256

a7ee5dde48237fcd50d2d63a92b6292ddfc8a3d893d5f271851e305733f3e150
SHA512

bfa02e03008096855f1c1c93bb1ee2a8df5f13a086bb036feb3fe57ac951802c9d6938771b6ccaf7609481634df0823aa14fa974d6623f1aec3d50ea1b2c5f79
SSDEEP

384:lEg0i747wFs/7LIXujQ7RgvDXLiti2rUms+oCESvaJlMCN+cBnlrwms73AJ5ERsr:loU48Fs/f61VgLbiY2dLop7xBnl5fRr

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a7ee5dde48237fcd50d2d63a92b6292ddfc8a3d893d5f271851e305733f3e150
- Size
  
  23KB
- MD5
  
  6bfdbed791d7d3f5d0bd100b749760e4
- SHA1
  
  1f104538ff4d55c0393a0cdd2cee7f33134614bd
- SHA256
  
  a7ee5dde48237fcd50d2d63a92b6292ddfc8a3d893d5f271851e305733f3e150
- SHA512
  
  bfa02e03008096855f1c1c93bb1ee2a8df5f13a086bb036feb3fe57ac951802c9d6938771b6ccaf7609481634df0823aa14fa974d6623f1aec3d50ea1b2c5f79
- SSDEEP
  
  384:lEg0i747wFs/7LIXujQ7RgvDXLiti2rUms+oCESvaJlMCN+cBnlrwms73AJ5ERsr:loU48Fs/f61VgLbiY2dLop7xBnl5fRr
Score

8^/10

persistence
- Drops file in Drivers directory
- Executes dropped EXE
- Sets file execution options in registry
  persistence
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2