0cc64cf6384604896b44f43c7fbc2e2b3d3f96319bb3c069624b84fd81809f04 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0cc64cf6384604896b44f43c7fbc2e2b3d3f96319bb3c069624b84fd81809f04
Size

1.7MB
Sample

230826-kjmxvahb43
MD5

0b9ca5c5cf26871dd287086745fab093
SHA1

2a0c54f08cf15f7dd60f4d6e651deca61b2efca8
SHA256

0cc64cf6384604896b44f43c7fbc2e2b3d3f96319bb3c069624b84fd81809f04
SHA512

2dca722566966f022e0d6a823db2d2c8969a7c495667817baeed2a86e02d0241fbcf362223cc813aef040df08a82ed223f7c797fa7d48ec3cce30387b3f59ca6
SSDEEP

49152:QZw4Wfa9Q4xWhm8I3SZjeTDnY1UER6iIOGm:xfAQ4xWM8qp

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  0cc64cf6384604896b44f43c7fbc2e2b3d3f96319bb3c069624b84fd81809f04
- Size
  
  1.7MB
- MD5
  
  0b9ca5c5cf26871dd287086745fab093
- SHA1
  
  2a0c54f08cf15f7dd60f4d6e651deca61b2efca8
- SHA256
  
  0cc64cf6384604896b44f43c7fbc2e2b3d3f96319bb3c069624b84fd81809f04
- SHA512
  
  2dca722566966f022e0d6a823db2d2c8969a7c495667817baeed2a86e02d0241fbcf362223cc813aef040df08a82ed223f7c797fa7d48ec3cce30387b3f59ca6
- SSDEEP
  
  49152:QZw4Wfa9Q4xWhm8I3SZjeTDnY1UER6iIOGm:xfAQ4xWM8qp
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2