c00a476332468890344fe5e2d98b5cdf0598dd342a562b033f6ec5a32405bc9f | Triage

Sharing

General

Target

c00a476332468890344fe5e2d98b5cdf0598dd342a562b033f6ec5a32405bc9f
Size

34KB
Sample

221205-hvhfdsfd76
MD5

f41b417f8945e50760929a80c7ef8c59
SHA1

f1b389f7597b8eb9f09a4bd04903019a991142f9
SHA256

c00a476332468890344fe5e2d98b5cdf0598dd342a562b033f6ec5a32405bc9f
SHA512

1de31a94fc2ba2cd24023093a254858e31b2e19a5943266b31ac6b818a9ebe566ef6f3c652d84075700ee7213a268ff05bd6ca542e641090e28fa6ccb3f78c5c
SSDEEP

768:CRE3rOLiay36F2HfSva8nmjXASGZ3gzGY0QQzAwuAZ0Vyq7:DU1F7DmjXzGZwaYVQEwuAZc

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c00a476332468890344fe5e2d98b5cdf0598dd342a562b033f6ec5a32405bc9f
- Size
  
  34KB
- MD5
  
  f41b417f8945e50760929a80c7ef8c59
- SHA1
  
  f1b389f7597b8eb9f09a4bd04903019a991142f9
- SHA256
  
  c00a476332468890344fe5e2d98b5cdf0598dd342a562b033f6ec5a32405bc9f
- SHA512
  
  1de31a94fc2ba2cd24023093a254858e31b2e19a5943266b31ac6b818a9ebe566ef6f3c652d84075700ee7213a268ff05bd6ca542e641090e28fa6ccb3f78c5c
- SSDEEP
  
  768:CRE3rOLiay36F2HfSva8nmjXASGZ3gzGY0QQzAwuAZ0Vyq7:DU1F7DmjXzGZwaYVQEwuAZc
Score

8^/10

persistence
- Blocklisted process makes network request
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2