5540a57265c97bcd9f2bf70b1c54005181bbf7b1349096af2842098ee0583762 | Triage

Sharing

General

Target

6906eb472325675485397d872487fb7c
Size

101KB
Sample

231011-h14ktahc5y
MD5

6906eb472325675485397d872487fb7c
SHA1

706228d93e0db307e8b9145f201a337fc4bb0eb1
SHA256

5540a57265c97bcd9f2bf70b1c54005181bbf7b1349096af2842098ee0583762
SHA512

4bf9784317d9b748cb6a3ed17f27bc1d11a218210f1e4d5d858ef4cf58c896e25b1ea7c47d2af138856f901f463e7051235c264dc541c592fc5daad3f6dd25ef
SSDEEP

3072:hNUOWYz6Lf/UyPZ1vMTe4OBRy0m9+tweAV96:hFr6TUk+zsy+

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  6906eb472325675485397d872487fb7c
- Size
  
  101KB
- MD5
  
  6906eb472325675485397d872487fb7c
- SHA1
  
  706228d93e0db307e8b9145f201a337fc4bb0eb1
- SHA256
  
  5540a57265c97bcd9f2bf70b1c54005181bbf7b1349096af2842098ee0583762
- SHA512
  
  4bf9784317d9b748cb6a3ed17f27bc1d11a218210f1e4d5d858ef4cf58c896e25b1ea7c47d2af138856f901f463e7051235c264dc541c592fc5daad3f6dd25ef
- SSDEEP
  
  3072:hNUOWYz6Lf/UyPZ1vMTe4OBRy0m9+tweAV96:hFr6TUk+zsy+
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2