f958c1ea9160ebb3d6805ef6fe553c42ca61e9c1a3697bc408341301803e77c8 | Triage

Sharing

General

Target

f958c1ea9160ebb3d6805ef6fe553c42ca61e9c1a3697bc408341301803e77c8
Size

34KB
Sample

221204-mxr5tsff2y
MD5

115d368a51b06404d3d0e2fb46aac65a
SHA1

fe19bd287a693b40fd7c8c14cdd627f79460e349
SHA256

f958c1ea9160ebb3d6805ef6fe553c42ca61e9c1a3697bc408341301803e77c8
SHA512

1e00b13a4e444eeaab4b09d928bceaaf861d10738c876347736be2cbacc28fed987e2d30b4e8dab736f6091dc5ba37e7e1f87f763a1dd53e42d158fa1dd06808
SSDEEP

768:A34nRoRqjFwX/Hf8wHj41lpVfn0UaEauU+75S0LIlZ2ja:84aRqhwX3ND41TWUmh+75SoIPwa

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f958c1ea9160ebb3d6805ef6fe553c42ca61e9c1a3697bc408341301803e77c8
- Size
  
  34KB
- MD5
  
  115d368a51b06404d3d0e2fb46aac65a
- SHA1
  
  fe19bd287a693b40fd7c8c14cdd627f79460e349
- SHA256
  
  f958c1ea9160ebb3d6805ef6fe553c42ca61e9c1a3697bc408341301803e77c8
- SHA512
  
  1e00b13a4e444eeaab4b09d928bceaaf861d10738c876347736be2cbacc28fed987e2d30b4e8dab736f6091dc5ba37e7e1f87f763a1dd53e42d158fa1dd06808
- SSDEEP
  
  768:A34nRoRqjFwX/Hf8wHj41lpVfn0UaEauU+75S0LIlZ2ja:84aRqhwX3ND41TWUmh+75SoIPwa
Score

8^/10

persistence
- Blocklisted process makes network request
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2