10acf2393d7d78ff700b8af4b64acfdc763817abb112b0f771b3ff3b13505718 | Triage

Sharing

General

Target

1RsaFv.png
Size

1.7MB
Sample

230615-q223dahe54
MD5

b4ed79fe7234d94f2cdddcc5aac79cb4
SHA1

dab8af5932dc67a200dc445ece0f297aed17706f
SHA256

10acf2393d7d78ff700b8af4b64acfdc763817abb112b0f771b3ff3b13505718
SHA512

7feea6041f1712a1db8c6f1ae3ee8e88dd0a8a8a52cb06b687daffa3657697aebd0e633032b49ab43791a40449683dbec7fa84acb6c653f0e854b74adef13557
SSDEEP

49152:UsqTm+ZyUPvtY2T+cWIjvyvr4xa2Z6emC4GhDuGBEsQEFTQTi:UfTmbUPvKdc/j6vr4xaQ6epDuGBE1EF/

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  1RsaFv.png
- Size
  
  1.7MB
- MD5
  
  b4ed79fe7234d94f2cdddcc5aac79cb4
- SHA1
  
  dab8af5932dc67a200dc445ece0f297aed17706f
- SHA256
  
  10acf2393d7d78ff700b8af4b64acfdc763817abb112b0f771b3ff3b13505718
- SHA512
  
  7feea6041f1712a1db8c6f1ae3ee8e88dd0a8a8a52cb06b687daffa3657697aebd0e633032b49ab43791a40449683dbec7fa84acb6c653f0e854b74adef13557
- SSDEEP
  
  49152:UsqTm+ZyUPvtY2T+cWIjvyvr4xa2Z6emC4GhDuGBEsQEFTQTi:UfTmbUPvKdc/j6vr4xaQ6epDuGBE1EF/
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2