a498beee68c362f34da7165d992e95f7c459576ed07c3c56872a5a0fdb480ac2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a498beee68c362f34da7165d992e95f7c459576ed07c3c56872a5a0fdb480ac2
Size

3.1MB
Sample

221206-rn92haeg64
MD5

51448be7d29ec5014abfbd184869726b
SHA1

400524e236d46f06c6bf9e259cf8886b523125bb
SHA256

a498beee68c362f34da7165d992e95f7c459576ed07c3c56872a5a0fdb480ac2
SHA512

4020b3f5ccbf8eccaca5255eb2eb57d5e53eb2196a2d4693161cc243cb4cafe3fb114af5bb5c90548c201ab8c1a54f16d173198d1e557b447a2a06219d4cbb05
SSDEEP

49152:VeTQwXuloWo7YG+/Dj1iu8d2+kVTpxtBxaKV:VXlXFG+LjUu8sz7aq

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a498beee68c362f34da7165d992e95f7c459576ed07c3c56872a5a0fdb480ac2
- Size
  
  3.1MB
- MD5
  
  51448be7d29ec5014abfbd184869726b
- SHA1
  
  400524e236d46f06c6bf9e259cf8886b523125bb
- SHA256
  
  a498beee68c362f34da7165d992e95f7c459576ed07c3c56872a5a0fdb480ac2
- SHA512
  
  4020b3f5ccbf8eccaca5255eb2eb57d5e53eb2196a2d4693161cc243cb4cafe3fb114af5bb5c90548c201ab8c1a54f16d173198d1e557b447a2a06219d4cbb05
- SSDEEP
  
  49152:VeTQwXuloWo7YG+/Dj1iu8d2+kVTpxtBxaKV:VXlXFG+LjUu8sz7aq
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2