ff8ccabeff8c79061f5957e86f2733cc7a20538807047f202d4d894ac9295d66 | Triage

Sharing

General

Target

ff8ccabeff8c79061f5957e86f2733cc7a20538807047f202d4d894ac9295d66
Size

5.3MB
Sample

230613-d9mlfafb6z
MD5

7c599412a10e9277f0cf58c9a435525f
SHA1

064c69f78d60712b63fc613f98ec3f566b0d86f9
SHA256

ff8ccabeff8c79061f5957e86f2733cc7a20538807047f202d4d894ac9295d66
SHA512

81dbd1b88af39dfb0b6f47cd99fb9a9ae8bfdb50e27db06123eccb69e6e2d76e834b15688029df003daf5aeddd0f9dbae5679d1f7ad10c0ec55e8876c3194ab1
SSDEEP

98304:merFK0rkWjJdH+tT70GtVoyFUanjA5uYez0AlUPihmgwyfmNAzyNXm:5uECT70GTVF9A8ki0Al

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  ff8ccabeff8c79061f5957e86f2733cc7a20538807047f202d4d894ac9295d66
- Size
  
  5.3MB
- MD5
  
  7c599412a10e9277f0cf58c9a435525f
- SHA1
  
  064c69f78d60712b63fc613f98ec3f566b0d86f9
- SHA256
  
  ff8ccabeff8c79061f5957e86f2733cc7a20538807047f202d4d894ac9295d66
- SHA512
  
  81dbd1b88af39dfb0b6f47cd99fb9a9ae8bfdb50e27db06123eccb69e6e2d76e834b15688029df003daf5aeddd0f9dbae5679d1f7ad10c0ec55e8876c3194ab1
- SSDEEP
  
  98304:merFK0rkWjJdH+tT70GtVoyFUanjA5uYez0AlUPihmgwyfmNAzyNXm:5uECT70GTVF9A8ki0Al
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2