dcf1b2e6c8107aed058a8e7e3b874f16f84cf811bd6f5ee0dc8230943004190d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dcf1b2e6c8107aed058a8e7e3b874f16f84cf811bd6f5ee0dc8230943004190d
Size

128KB
Sample

221204-rn1stsfh34
MD5

bd044ffe4c0545a78d1c469100099049
SHA1

f25847348d752f4e96f904e0264991625dd8f8ae
SHA256

dcf1b2e6c8107aed058a8e7e3b874f16f84cf811bd6f5ee0dc8230943004190d
SHA512

13465c4de25a811ec68b33faf164fac8af4a2865b27723a404a4e8801ce35d351951084eb774e169ad0b55f145965b496013ccffc8605e5c8539a99981da0cd9
SSDEEP

3072:hPP9JJGoDV7OcVrB9DsdTqs3OL5PFn0wcccccccc:FPlV7jB9DsdTX30PFn0wcccccccc

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  dcf1b2e6c8107aed058a8e7e3b874f16f84cf811bd6f5ee0dc8230943004190d
- Size
  
  128KB
- MD5
  
  bd044ffe4c0545a78d1c469100099049
- SHA1
  
  f25847348d752f4e96f904e0264991625dd8f8ae
- SHA256
  
  dcf1b2e6c8107aed058a8e7e3b874f16f84cf811bd6f5ee0dc8230943004190d
- SHA512
  
  13465c4de25a811ec68b33faf164fac8af4a2865b27723a404a4e8801ce35d351951084eb774e169ad0b55f145965b496013ccffc8605e5c8539a99981da0cd9
- SSDEEP
  
  3072:hPP9JJGoDV7OcVrB9DsdTqs3OL5PFn0wcccccccc:FPlV7jB9DsdTX30PFn0wcccccccc
Score

8^/10

persistence
- Blocklisted process makes network request
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2