f9c038922b545416d36e75a7c61dea7c25aab891c7881fee1b3e46219e93d8c2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9c038922b545416d36e75a7c61dea7c25aab891c7881fee1b3e46219e93d8c2
Size

82KB
Sample

231012-knsc5ahe8w
MD5

becf7cd3f261df82f7b378dd2a0ec127
SHA1

0b0367244cf4e668911198fa53c2d819eb8fbc4f
SHA256

f9c038922b545416d36e75a7c61dea7c25aab891c7881fee1b3e46219e93d8c2
SHA512

576991dd429fa243f3430621b1e7a601a4fd36b6b3e3d64540d6a6135c1e9210f8ea5fc629d74183c74a012f112b1d05fd2a3834eb6da93e15bbcd50d22986ef
SSDEEP

768:agO5xRYi+SfSWHHNvvG5bnl/NqNwsKVDstHxYD0p1aXKynF0vQmYZS0HdJnfWOcm:RshfSWHHNvoLqNwDDGw02eQmh0HjWOd

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  f9c038922b545416d36e75a7c61dea7c25aab891c7881fee1b3e46219e93d8c2
- Size
  
  82KB
- MD5
  
  becf7cd3f261df82f7b378dd2a0ec127
- SHA1
  
  0b0367244cf4e668911198fa53c2d819eb8fbc4f
- SHA256
  
  f9c038922b545416d36e75a7c61dea7c25aab891c7881fee1b3e46219e93d8c2
- SHA512
  
  576991dd429fa243f3430621b1e7a601a4fd36b6b3e3d64540d6a6135c1e9210f8ea5fc629d74183c74a012f112b1d05fd2a3834eb6da93e15bbcd50d22986ef
- SSDEEP
  
  768:agO5xRYi+SfSWHHNvvG5bnl/NqNwsKVDstHxYD0p1aXKynF0vQmYZS0HdJnfWOcm:RshfSWHHNvoLqNwDDGw02eQmh0HjWOd
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2