ef0b0aedc0cf0e39e5c1ac3c905127649bbce354e445825af80fdc207c5c1b42 | Triage

Sharing

General

Target

ef0b0aedc0cf0e39e5c1ac3c905127649bbce354e445825af80fdc207c5c1b42
Size

90KB
Sample

221204-pcdstagc98
MD5

4a88ae4b043e5e626c39a51d7e380b5a
SHA1

a833330f04fa886dc9e401766e7a1673f2a740f6
SHA256

ef0b0aedc0cf0e39e5c1ac3c905127649bbce354e445825af80fdc207c5c1b42
SHA512

83b12a847cd4f639b13db4f7f6ce13965a4757415e698c9ea470680adf5de672479cc9c8927b8a18be012002adc18083b0894226c803626e23025dcc844ac9f9
SSDEEP

1536:VmZWGE/gxwXe4U7bPPa/q4udgeApY06+5wHNxd9m1pLyg+eu+ixh8NJVnKu9ypLI:UZW8wPU/PPWCvmYXhhe2si/8pnfyf2qE

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  ef0b0aedc0cf0e39e5c1ac3c905127649bbce354e445825af80fdc207c5c1b42
- Size
  
  90KB
- MD5
  
  4a88ae4b043e5e626c39a51d7e380b5a
- SHA1
  
  a833330f04fa886dc9e401766e7a1673f2a740f6
- SHA256
  
  ef0b0aedc0cf0e39e5c1ac3c905127649bbce354e445825af80fdc207c5c1b42
- SHA512
  
  83b12a847cd4f639b13db4f7f6ce13965a4757415e698c9ea470680adf5de672479cc9c8927b8a18be012002adc18083b0894226c803626e23025dcc844ac9f9
- SSDEEP
  
  1536:VmZWGE/gxwXe4U7bPPa/q4udgeApY06+5wHNxd9m1pLyg+eu+ixh8NJVnKu9ypLI:UZW8wPU/PPWCvmYXhhe2si/8pnfyf2qE
Score

8^/10

discovery persistence
- Executes dropped EXE
- Sets file execution options in registry
  persistence
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2