b6db9e53868b1fd4bca6f9e41cf5c4c4d379640826dd4b17d8484332d0f0cd80 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6db9e53868b1fd4bca6f9e41cf5c4c4d379640826dd4b17d8484332d0f0cd80
Size

150KB
Sample

221205-n92qgagh23
MD5

5927ffdf51becbe9b2b9c29526cf6e4f
SHA1

80de3df10d4d9ac98d3eadbc9301d19fe2da1e73
SHA256

b6db9e53868b1fd4bca6f9e41cf5c4c4d379640826dd4b17d8484332d0f0cd80
SHA512

c91693d204e81c69f2ab9e7e881e487446ac8a7998a691d96d852aa8422d39a7e4e9ad3626629bbcdb5a0ef42b58f77f9f415594e3dee595970b19f77772fa8d
SSDEEP

3072:bYd5RMBIUOG3B5A3n1ABRUum/o4NEnWydAA3IypFI51c:bYd5CJxx5G1ABo/JEnxAA3IypFk1c

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b6db9e53868b1fd4bca6f9e41cf5c4c4d379640826dd4b17d8484332d0f0cd80
- Size
  
  150KB
- MD5
  
  5927ffdf51becbe9b2b9c29526cf6e4f
- SHA1
  
  80de3df10d4d9ac98d3eadbc9301d19fe2da1e73
- SHA256
  
  b6db9e53868b1fd4bca6f9e41cf5c4c4d379640826dd4b17d8484332d0f0cd80
- SHA512
  
  c91693d204e81c69f2ab9e7e881e487446ac8a7998a691d96d852aa8422d39a7e4e9ad3626629bbcdb5a0ef42b58f77f9f415594e3dee595970b19f77772fa8d
- SSDEEP
  
  3072:bYd5RMBIUOG3B5A3n1ABRUum/o4NEnWydAA3IypFI51c:bYd5CJxx5G1ABo/JEnxAA3IypFk1c
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2