8d1d36a7ad23626341f658815bfd21a6274f703aca2126bddfad63fa749041be | Triage

Resubmissions

24-03-2024 07:37

240324-jf9f1aah63 6

15-03-2024 19:23

240315-x4at8sah79 6

25-08-2023 22:05

230825-1zgnrsfa38 6

Sharing

General

Target

Tsuchigumo.bat
Size

9KB
Sample

230825-1zgnrsfa38
MD5

8f4f3d4a198b6af8230bb94d41bd25e0
SHA1

d3abc06d50f8fa4069e232ce41296802f217e47a
SHA256

8d1d36a7ad23626341f658815bfd21a6274f703aca2126bddfad63fa749041be
SHA512

e7495a01a05d40e8c628a32cfae15c100be6f1ae5b51abf3802c6c8d8ffd8907fa77a5641500aad6f72c1496b48e47e9787d10057227a1d0e5cd49ccfc088625
SSDEEP

192:9pRjeNekmespRje4CHjeNeXpRjeRmeSweXpLeZpOje4k5nH5ZVxooNjR:9pFkApNCHXpG2JXp2pEk5nR+oNF

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  Tsuchigumo.bat
- Size
  
  9KB
- MD5
  
  8f4f3d4a198b6af8230bb94d41bd25e0
- SHA1
  
  d3abc06d50f8fa4069e232ce41296802f217e47a
- SHA256
  
  8d1d36a7ad23626341f658815bfd21a6274f703aca2126bddfad63fa749041be
- SHA512
  
  e7495a01a05d40e8c628a32cfae15c100be6f1ae5b51abf3802c6c8d8ffd8907fa77a5641500aad6f72c1496b48e47e9787d10057227a1d0e5cd49ccfc088625
- SSDEEP
  
  192:9pRjeNekmespRje4CHjeNeXpRjeRmeSweXpLeZpOje4k5nH5ZVxooNjR:9pFkApNCHXpG2JXp2pEk5nR+oNF
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2