678e638175437569437f70b98c61abce2ebff0f0e646b5cab73320dd1d2615e1 | Triage

Sharing

General

Target

678e638175437569437f70b98c61abce2ebff0f0e646b5cab73320dd1d2615e1
Size

3.6MB
Sample

221206-v7ss4shf46
MD5

9c8dd2fe878d823e04dcc1cb74f8b1da
SHA1

d4d228927bffd818a631be297005128ced74f24f
SHA256

678e638175437569437f70b98c61abce2ebff0f0e646b5cab73320dd1d2615e1
SHA512

e5394a2d1e1bf942f106667e3422ac02101125ba1b51e24e492ef3bc4249459e60fcbe9d43b8aa4c2676c97f2281e0f8fe338d0ea68850ca7e648da7c28e4c6d
SSDEEP

98304:+RKWxbNFheM2EjMMMMMMMMMMcMMMMMMMMMMMMWMMMMMMMMMMMMOjR5I0k:+RKWxxyDI0k

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  678e638175437569437f70b98c61abce2ebff0f0e646b5cab73320dd1d2615e1
- Size
  
  3.6MB
- MD5
  
  9c8dd2fe878d823e04dcc1cb74f8b1da
- SHA1
  
  d4d228927bffd818a631be297005128ced74f24f
- SHA256
  
  678e638175437569437f70b98c61abce2ebff0f0e646b5cab73320dd1d2615e1
- SHA512
  
  e5394a2d1e1bf942f106667e3422ac02101125ba1b51e24e492ef3bc4249459e60fcbe9d43b8aa4c2676c97f2281e0f8fe338d0ea68850ca7e648da7c28e4c6d
- SSDEEP
  
  98304:+RKWxbNFheM2EjMMMMMMMMMMcMMMMMMMMMMMMWMMMMMMMMMMMMOjR5I0k:+RKWxxyDI0k
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence