a9c7468a3e1f8d347c2a9d7192e40ee48d32f7c906f05fe5c6645890b0303dde | Triage

Sharing

General

Target

a9c7468a3e1f8d347c2a9d7192e40ee48d32f7c906f05fe5c6645890b0303dde
Size

15KB
Sample

221206-vr4wfaah7z
MD5

519dc963fbeba5341d3220439a01dac0
SHA1

b1c9a7ec69bf830f425a7b6261e059bc8b26e15b
SHA256

a9c7468a3e1f8d347c2a9d7192e40ee48d32f7c906f05fe5c6645890b0303dde
SHA512

fdf79e8091dd9a52e7f76be9ad97c507b9fe31f36e09d2fb40b8fc3caf3d59336143e8816c6fb592362c182f43c2050549e8a86dd46ef2db92e5d760d3fbeb59
SSDEEP

192:Pf66dhMUDmHPZAga1Rkdld9HUR6m5i6zCPZoZ89qW0JJdJgZ7p+uauGA4Uk2hUY:jaRW1RWz9i6fZoZOqW0zid+uaNAx

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a9c7468a3e1f8d347c2a9d7192e40ee48d32f7c906f05fe5c6645890b0303dde
- Size
  
  15KB
- MD5
  
  519dc963fbeba5341d3220439a01dac0
- SHA1
  
  b1c9a7ec69bf830f425a7b6261e059bc8b26e15b
- SHA256
  
  a9c7468a3e1f8d347c2a9d7192e40ee48d32f7c906f05fe5c6645890b0303dde
- SHA512
  
  fdf79e8091dd9a52e7f76be9ad97c507b9fe31f36e09d2fb40b8fc3caf3d59336143e8816c6fb592362c182f43c2050549e8a86dd46ef2db92e5d760d3fbeb59
- SSDEEP
  
  192:Pf66dhMUDmHPZAga1Rkdld9HUR6m5i6zCPZoZ89qW0JJdJgZ7p+uauGA4Uk2hUY:jaRW1RWz9i6fZoZOqW0zid+uaNAx
Score

8^/10

persistence
- Blocklisted process makes network request
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2