d27dc018bc912e14281e0e72e4e049fb103520703c621be1e0ffc5cfb8a1b8b1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d27dc018bc912e14281e0e72e4e049fb103520703c621be1e0ffc5cfb8a1b8b1
Size

32KB
Sample

221206-3rperahf6s
MD5

339cbcf9ecea89ce191ae5c46497d1d0
SHA1

95fc7a52d21fa5fd57d0f36ac8d8509910b7ca5d
SHA256

d27dc018bc912e14281e0e72e4e049fb103520703c621be1e0ffc5cfb8a1b8b1
SHA512

e4f44292112058afc0d6d17716b8d6a702d98e2261bc8c98627af932b715353516c312d203b737d9b926329353e727a9d5918cfbfc5431b7ad250a94ea42743f
SSDEEP

384:HChnr8w86hwJd2lurgvIQQ2mXfpJgLa0Mp8885UGnYCIlD07QtY/:HEnr8wjiolCg0gLa1H4nYdlo7QtQ

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  d27dc018bc912e14281e0e72e4e049fb103520703c621be1e0ffc5cfb8a1b8b1
- Size
  
  32KB
- MD5
  
  339cbcf9ecea89ce191ae5c46497d1d0
- SHA1
  
  95fc7a52d21fa5fd57d0f36ac8d8509910b7ca5d
- SHA256
  
  d27dc018bc912e14281e0e72e4e049fb103520703c621be1e0ffc5cfb8a1b8b1
- SHA512
  
  e4f44292112058afc0d6d17716b8d6a702d98e2261bc8c98627af932b715353516c312d203b737d9b926329353e727a9d5918cfbfc5431b7ad250a94ea42743f
- SSDEEP
  
  384:HChnr8w86hwJd2lurgvIQQ2mXfpJgLa0Mp8885UGnYCIlD07QtY/:HEnr8wjiolCg0gLa1H4nYdlo7QtQ
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2