b6ca8a4b8f04f1658ec9e0ea0406cc5c9073cfd6cd52eb3302d8e1f36e7c65f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6ca8a4b8f04f1658ec9e0ea0406cc5c9073cfd6cd52eb3302d8e1f36e7c65f7
Size

973KB
Sample

221205-g1t6psgh5v
MD5

810aa38b415151df6957b45b1d83eb4a
SHA1

00693ea70847791d64a42baf639644cdd4aff421
SHA256

b6ca8a4b8f04f1658ec9e0ea0406cc5c9073cfd6cd52eb3302d8e1f36e7c65f7
SHA512

59fcd3e9fd89bf1eaf29736a74151a995aa79406ccf910966635a8ef1611b2bf65e7035cfc4b872f382084d200e02143b79e67c70299a21dff6cd4d75b240fac
SSDEEP

24576:xStU4gf2EW5A2DJr/kS4vGIk6v3HYvol3FM6:xh43Dp/wPHYvol3K6

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b6ca8a4b8f04f1658ec9e0ea0406cc5c9073cfd6cd52eb3302d8e1f36e7c65f7
- Size
  
  973KB
- MD5
  
  810aa38b415151df6957b45b1d83eb4a
- SHA1
  
  00693ea70847791d64a42baf639644cdd4aff421
- SHA256
  
  b6ca8a4b8f04f1658ec9e0ea0406cc5c9073cfd6cd52eb3302d8e1f36e7c65f7
- SHA512
  
  59fcd3e9fd89bf1eaf29736a74151a995aa79406ccf910966635a8ef1611b2bf65e7035cfc4b872f382084d200e02143b79e67c70299a21dff6cd4d75b240fac
- SSDEEP
  
  24576:xStU4gf2EW5A2DJr/kS4vGIk6v3HYvol3FM6:xh43Dp/wPHYvol3K6
Score

8^/10

persistence
- Executes dropped EXE
- Sets service image path in registry
  persistence
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2