e12ad27e8ff9e6dc9154f1848350d2fa03c9f3c0b3509af18ef3e21176516636 | Triage

Sharing

General

Target

e12ad27e8ff9e6dc9154f1848350d2fa03c9f3c0b3509af18ef3e21176516636
Size

127KB
Sample

221206-hav6rafc5t
MD5

7c1e2008ab6d06e9a2884e816c4cce06
SHA1

24f8bd3bcf6d86933e48d03c29c71c5ee0c80a34
SHA256

e12ad27e8ff9e6dc9154f1848350d2fa03c9f3c0b3509af18ef3e21176516636
SHA512

7d130f436c42968a818e2673b2dc9a24acdb858d933b722696ed9b79add19559d8b6994cf226f1741da251e1cb0427de9b9bc9cca8cc34e388fdac29926491df
SSDEEP

3072:Kpga6wBiZjyxz70zURg3tSiZPNe5sXhpMnd8KEc2JN:KpgmBi8F04mDeCwC

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  e12ad27e8ff9e6dc9154f1848350d2fa03c9f3c0b3509af18ef3e21176516636
- Size
  
  127KB
- MD5
  
  7c1e2008ab6d06e9a2884e816c4cce06
- SHA1
  
  24f8bd3bcf6d86933e48d03c29c71c5ee0c80a34
- SHA256
  
  e12ad27e8ff9e6dc9154f1848350d2fa03c9f3c0b3509af18ef3e21176516636
- SHA512
  
  7d130f436c42968a818e2673b2dc9a24acdb858d933b722696ed9b79add19559d8b6994cf226f1741da251e1cb0427de9b9bc9cca8cc34e388fdac29926491df
- SSDEEP
  
  3072:Kpga6wBiZjyxz70zURg3tSiZPNe5sXhpMnd8KEc2JN:KpgmBi8F04mDeCwC
Score

8^/10

persistence
- Sets DLL path for service in the registry
  persistence
- Deletes itself
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2