5302da4f10cc27bc62e4b485c5b900e473fe875db0d8b04c70498f9bc40e0f23 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5302da4f10cc27bc62e4b485c5b900e473fe875db0d8b04c70498f9bc40e0f23
Size

7.0MB
Sample

230526-ghlfvaef3y
MD5

136878e889bfcc3ddd0a5975ea49a835
SHA1

28792265566d975e02d427747279b73234f1793e
SHA256

5302da4f10cc27bc62e4b485c5b900e473fe875db0d8b04c70498f9bc40e0f23
SHA512

672ec4c37793a5e57e8f229910401afea6386e722c44b2f850a0a43b036483c55250145401943d04650f95eeebc554a51e33c1d8b3ea754d3823aac6e746f583
SSDEEP

98304:iXZa1aZl5W/CTP3ZV0Iibh9xexC5lxzlFgGa06bcXpDG771nDX8kFVd:6ZzWS3Dzibh9x0qr4qDAJ78KV

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  5302da4f10cc27bc62e4b485c5b900e473fe875db0d8b04c70498f9bc40e0f23
- Size
  
  7.0MB
- MD5
  
  136878e889bfcc3ddd0a5975ea49a835
- SHA1
  
  28792265566d975e02d427747279b73234f1793e
- SHA256
  
  5302da4f10cc27bc62e4b485c5b900e473fe875db0d8b04c70498f9bc40e0f23
- SHA512
  
  672ec4c37793a5e57e8f229910401afea6386e722c44b2f850a0a43b036483c55250145401943d04650f95eeebc554a51e33c1d8b3ea754d3823aac6e746f583
- SSDEEP
  
  98304:iXZa1aZl5W/CTP3ZV0Iibh9xexC5lxzlFgGa06bcXpDG771nDX8kFVd:6ZzWS3Dzibh9x0qr4qDAJ78KV
Score

7^/10

discovery persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence