5bab80eda34ad508f34d46a245669920dbba51d665ce35fd85e3677e5eaf82b8 | Triage

Sharing

General

Target

5bab80eda34ad508f34d46a245669920dbba51d665ce35fd85e3677e5eaf82b8
Size

80KB
Sample

230919-1tzbmacc3s
MD5

a779f5a538504029ae2fe3b3ba01400d
SHA1

360b85f82f03cfd81586b93fdd82ede07464bc24
SHA256

5bab80eda34ad508f34d46a245669920dbba51d665ce35fd85e3677e5eaf82b8
SHA512

a39ae08583df0c9dfbd1072757cd6406b0e9e633dd9961bb7617e9baf986e6cc2ef43776e85d3cd7d073b7ea9e42cc9adeb0ea6f86dcca6fb85a2a60c566685c
SSDEEP

1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOCMPR:GhfxHNIreQm+HixMPR

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  5bab80eda34ad508f34d46a245669920dbba51d665ce35fd85e3677e5eaf82b8
- Size
  
  80KB
- MD5
  
  a779f5a538504029ae2fe3b3ba01400d
- SHA1
  
  360b85f82f03cfd81586b93fdd82ede07464bc24
- SHA256
  
  5bab80eda34ad508f34d46a245669920dbba51d665ce35fd85e3677e5eaf82b8
- SHA512
  
  a39ae08583df0c9dfbd1072757cd6406b0e9e633dd9961bb7617e9baf986e6cc2ef43776e85d3cd7d073b7ea9e42cc9adeb0ea6f86dcca6fb85a2a60c566685c
- SSDEEP
  
  1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOCMPR:GhfxHNIreQm+HixMPR
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2