c60fb195df12c9541a8497dab1b967ae9d32633e09b005ca05ef06c700785418 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c60fb195df12c9541a8497dab1b967ae9d32633e09b005ca05ef06c700785418
Size

156KB
Sample

221205-g5kg3ahc2t
MD5

44efab6634575b6fff5de90c78fdce90
SHA1

826f08a3fe0df441d1c09e54f48034c6437dfea5
SHA256

c60fb195df12c9541a8497dab1b967ae9d32633e09b005ca05ef06c700785418
SHA512

999f1d7a4a376c1cd61ea9a1c52e1fe98102d0b5d21fce907cc91705e4c6e677f143059ea39a282c4ab9e6db07b34ac9a5c9f61a61c041c9b47f8faea1904dce
SSDEEP

3072:50XUiErcbIjSt3uiZ35yUIfH4IuVyRyoh2/YBG+a7ZqH:cx4S9uApyrluV+280AH

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c60fb195df12c9541a8497dab1b967ae9d32633e09b005ca05ef06c700785418
- Size
  
  156KB
- MD5
  
  44efab6634575b6fff5de90c78fdce90
- SHA1
  
  826f08a3fe0df441d1c09e54f48034c6437dfea5
- SHA256
  
  c60fb195df12c9541a8497dab1b967ae9d32633e09b005ca05ef06c700785418
- SHA512
  
  999f1d7a4a376c1cd61ea9a1c52e1fe98102d0b5d21fce907cc91705e4c6e677f143059ea39a282c4ab9e6db07b34ac9a5c9f61a61c041c9b47f8faea1904dce
- SSDEEP
  
  3072:50XUiErcbIjSt3uiZ35yUIfH4IuVyRyoh2/YBG+a7ZqH:cx4S9uApyrluV+280AH
Score

8^/10

persistence
- Blocklisted process makes network request
- Sets DLL path for service in the registry
  persistence
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2