edbfdb672473966f9b938a168143ed0aae4eb40c7a15088dd288d11c925fcbe6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

edbfdb672473966f9b938a168143ed0aae4eb40c7a15088dd288d11c925fcbe6
Size

590KB
Sample

221204-phfvcscf7x
MD5

f7a52de45f0e59b1d60dd15d43dc887f
SHA1

fa19f0cbb9e78d4a6491db71a23a0d1086f4ffb8
SHA256

edbfdb672473966f9b938a168143ed0aae4eb40c7a15088dd288d11c925fcbe6
SHA512

f5b27a352a73f4b36d2ec10bf31e05c07f6083e88bc22ba91238ca4027e513965b3da0fc658db986a2e9206faf169b81836ba3b6e4661ef949c9a7c685cd992e
SSDEEP

12288:tu98Q0by6CNHBuSKZ8Ic4xTNBiYWqQklXZSFpqNUV+BaeRCHHExk/Qccd:tPy3BYBc4x5ZSQG+ceRGkxGncd

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  edbfdb672473966f9b938a168143ed0aae4eb40c7a15088dd288d11c925fcbe6
- Size
  
  590KB
- MD5
  
  f7a52de45f0e59b1d60dd15d43dc887f
- SHA1
  
  fa19f0cbb9e78d4a6491db71a23a0d1086f4ffb8
- SHA256
  
  edbfdb672473966f9b938a168143ed0aae4eb40c7a15088dd288d11c925fcbe6
- SHA512
  
  f5b27a352a73f4b36d2ec10bf31e05c07f6083e88bc22ba91238ca4027e513965b3da0fc658db986a2e9206faf169b81836ba3b6e4661ef949c9a7c685cd992e
- SSDEEP
  
  12288:tu98Q0by6CNHBuSKZ8Ic4xTNBiYWqQklXZSFpqNUV+BaeRCHHExk/Qccd:tPy3BYBc4x5ZSQG+ceRGkxGncd
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2