6ac5ced3eada09a961843877a131cd9462a43db94922a96e1cd0df1d3605e6db | Triage

Sharing

General

Target

6ac5ced3eada09a961843877a131cd9462a43db94922a96e1cd0df1d3605e6db
Size

7.3MB
Sample

230824-fekjpsbf6t
MD5

4654dacc48d3d07cd181abc4a518ebd4
SHA1

c5c5f8f432bb5ba3ab0b2354610c4e9c652141ec
SHA256

6ac5ced3eada09a961843877a131cd9462a43db94922a96e1cd0df1d3605e6db
SHA512

7a7456935bb4870c23f11d63303f8e00d5acb631ae2ad630fc8c957d8097ee246caf2a51506552de325d43bce0cbf8d9785d85a790bd92b467e4e522810bf2c3
SSDEEP

196608:NtSa70OhetNH3Mpci96G+Fx3EJzpz3qvuS+EhceUSgJ3NUa1oT+297wf:nDw1tN1rCBWuSThcPSgFNUaCK297

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  6ac5ced3eada09a961843877a131cd9462a43db94922a96e1cd0df1d3605e6db
- Size
  
  7.3MB
- MD5
  
  4654dacc48d3d07cd181abc4a518ebd4
- SHA1
  
  c5c5f8f432bb5ba3ab0b2354610c4e9c652141ec
- SHA256
  
  6ac5ced3eada09a961843877a131cd9462a43db94922a96e1cd0df1d3605e6db
- SHA512
  
  7a7456935bb4870c23f11d63303f8e00d5acb631ae2ad630fc8c957d8097ee246caf2a51506552de325d43bce0cbf8d9785d85a790bd92b467e4e522810bf2c3
- SSDEEP
  
  196608:NtSa70OhetNH3Mpci96G+Fx3EJzpz3qvuS+EhceUSgJ3NUa1oT+297wf:nDw1tN1rCBWuSThcPSgFNUaCK297
Score

8^/10

persistence
- Sets DLL path for service in the registry
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2