b6f84f49c1520af0ac33e463e971a8b8cff50fe9d28e6e67e770709e00f1f251 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6f84f49c1520af0ac33e463e971a8b8cff50fe9d28e6e67e770709e00f1f251
Size

281KB
Sample

221205-jyjnasaf37
MD5

446f8bcad7cac827b481de667d13bc00
SHA1

738655a87f106533be3298916dcac11b9bd7b214
SHA256

b6f84f49c1520af0ac33e463e971a8b8cff50fe9d28e6e67e770709e00f1f251
SHA512

1397a715f9402ebcdae9cc700dacd136c91e4e736c58da74a94dd6ca5df04b943269032036ca132e2572fd105a1a5533bff9109f241a657d89544785b6ed4a35
SSDEEP

6144:hCSZsDWddorJUDGCFB22uaHzW/nYo54HTbGPw1IN8/PhwTMC:IesDKo+82uaToY1HTCBSwT5

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  b6f84f49c1520af0ac33e463e971a8b8cff50fe9d28e6e67e770709e00f1f251
- Size
  
  281KB
- MD5
  
  446f8bcad7cac827b481de667d13bc00
- SHA1
  
  738655a87f106533be3298916dcac11b9bd7b214
- SHA256
  
  b6f84f49c1520af0ac33e463e971a8b8cff50fe9d28e6e67e770709e00f1f251
- SHA512
  
  1397a715f9402ebcdae9cc700dacd136c91e4e736c58da74a94dd6ca5df04b943269032036ca132e2572fd105a1a5533bff9109f241a657d89544785b6ed4a35
- SSDEEP
  
  6144:hCSZsDWddorJUDGCFB22uaHzW/nYo54HTbGPw1IN8/PhwTMC:IesDKo+82uaToY1HTCBSwT5
Score

8^/10

evasion persistence
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2