99cbda0f3a69bb11cdd5c57a9546f95ba472a7461a055feccd6138c3125da41c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

99cbda0f3a69bb11cdd5c57a9546f95ba472a7461a055feccd6138c3125da41c
Size

1.7MB
Sample

230828-g22xyage94
MD5

6e2565416b5acc70d3222608c6b8ab17
SHA1

02cc79d9a51cadd23020f78e8404bb7df355fda0
SHA256

99cbda0f3a69bb11cdd5c57a9546f95ba472a7461a055feccd6138c3125da41c
SHA512

dd671bb002cb578b0809a07da02bc7b49e2e5d55efc152b512f1dbdd808ae7712805d1b28f44498f44dae7171907cbdda7a0b57de0a2cfd94d3e79b50eafdb3d
SSDEEP

49152:ZJ5W+3tzEfsRSbJtbCor2nLfQlyCAI0T:Za2LRSbreor+OT0

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  99cbda0f3a69bb11cdd5c57a9546f95ba472a7461a055feccd6138c3125da41c
- Size
  
  1.7MB
- MD5
  
  6e2565416b5acc70d3222608c6b8ab17
- SHA1
  
  02cc79d9a51cadd23020f78e8404bb7df355fda0
- SHA256
  
  99cbda0f3a69bb11cdd5c57a9546f95ba472a7461a055feccd6138c3125da41c
- SHA512
  
  dd671bb002cb578b0809a07da02bc7b49e2e5d55efc152b512f1dbdd808ae7712805d1b28f44498f44dae7171907cbdda7a0b57de0a2cfd94d3e79b50eafdb3d
- SSDEEP
  
  49152:ZJ5W+3tzEfsRSbJtbCor2nLfQlyCAI0T:Za2LRSbreor+OT0
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2