a0433d20d60832e18ccecae6570e7ed56d38f0695db63b3140cf48e70bec6431 | Triage

Sharing

General

Target

BackupInvoke.vstx
Size

405KB
Sample

230331-yjs1rach83
MD5

5740a2df489b5cf007d51eb89d9312de
SHA1

880a5d7b44674c2da43491a9d1ed78160cb593c2
SHA256

a0433d20d60832e18ccecae6570e7ed56d38f0695db63b3140cf48e70bec6431
SHA512

911b10766d546f43578f543bc97b4bbabc8cfb5a9d07e14cb7686c1dafe57bb5721dd95344f545e593a8f42054ef8b167fdbb215ca016e46c8f088f8b5a3f693
SSDEEP

6144:4WxXYMsPhDPk0jmjsumrTJLZ2fm5AJTZzY2tIeTcuWNV6J/mQWofz+3wYJwTd9:4WJsZDPjAmrVL+TZye4xmJ/mQ/fCxwTr

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  BackupInvoke.vstx
- Size
  
  405KB
- MD5
  
  5740a2df489b5cf007d51eb89d9312de
- SHA1
  
  880a5d7b44674c2da43491a9d1ed78160cb593c2
- SHA256
  
  a0433d20d60832e18ccecae6570e7ed56d38f0695db63b3140cf48e70bec6431
- SHA512
  
  911b10766d546f43578f543bc97b4bbabc8cfb5a9d07e14cb7686c1dafe57bb5721dd95344f545e593a8f42054ef8b167fdbb215ca016e46c8f088f8b5a3f693
- SSDEEP
  
  6144:4WxXYMsPhDPk0jmjsumrTJLZ2fm5AJTZzY2tIeTcuWNV6J/mQWofz+3wYJwTd9:4WJsZDPjAmrVL+TZye4xmJ/mQ/fCxwTr
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1