919eca4e74525fe9a5caafcb0be729be64a9773d4607a2fb615f128f64b1faaf | Triage

Sharing

General

Target

ConnectShellSetup11.exe
Size

609KB
Sample

221213-nxyhaaee67
MD5

00b6898bf01716f6fe6c1fc1e7256905
SHA1

aedd9210f27091f9b8ad654b4558609c2688379d
SHA256

919eca4e74525fe9a5caafcb0be729be64a9773d4607a2fb615f128f64b1faaf
SHA512

48a0c45996f5165ccd86d2d6454f8738072f4911556e822a0ff6ba8f293802fca39290659c30a394796857bbe8734b6f9fa1bc74ef4dc66d16bb87643c9d18a5
SSDEEP

12288:EA88Vmz5maLaNuGIoS30Dw6SVjgJfNJtPOu/u2/xLyRJWTLgRT06raYED/CyZeU/:EA3SeIvifNJxOuRTlN/CWuWO3A

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  ConnectShellSetup11.exe
- Size
  
  609KB
- MD5
  
  00b6898bf01716f6fe6c1fc1e7256905
- SHA1
  
  aedd9210f27091f9b8ad654b4558609c2688379d
- SHA256
  
  919eca4e74525fe9a5caafcb0be729be64a9773d4607a2fb615f128f64b1faaf
- SHA512
  
  48a0c45996f5165ccd86d2d6454f8738072f4911556e822a0ff6ba8f293802fca39290659c30a394796857bbe8734b6f9fa1bc74ef4dc66d16bb87643c9d18a5
- SSDEEP
  
  12288:EA88Vmz5maLaNuGIoS30Dw6SVjgJfNJtPOu/u2/xLyRJWTLgRT06raYED/CyZeU/:EA3SeIvifNJxOuRTlN/CWuWO3A
Score

8^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence