1f57e150f51efa6cb3ad2be3aa0291aed7ea58a2f5ef48055eaf6c8b4ffe76c1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a89da79468e7095fd.exe
Size

733KB
Sample

231030-rs5ycade4w
MD5

74f95dedd7201e0002f18308dc9de279
SHA1

71c9d9138f75f00b04f70d1b203f1a4f6b1300ad
SHA256

1f57e150f51efa6cb3ad2be3aa0291aed7ea58a2f5ef48055eaf6c8b4ffe76c1
SHA512

6cd1213efd478bdbe842cc5c601cc9bfb674efbfef074992a2889d00865c66fea97adc7370c6f52cea383fc61f2d19d4f1eae4afa6f96563c18c95450c4a35dc
SSDEEP

12288:xdvu5JeQd0ubS6TtKoOfiC91iLXlg+O6yCNI7UKaEFEXdZI7I:/ueC9RtKoVi1ib2cNI7KXLI0

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a89da79468e7095fd.exe
- Size
  
  733KB
- MD5
  
  74f95dedd7201e0002f18308dc9de279
- SHA1
  
  71c9d9138f75f00b04f70d1b203f1a4f6b1300ad
- SHA256
  
  1f57e150f51efa6cb3ad2be3aa0291aed7ea58a2f5ef48055eaf6c8b4ffe76c1
- SHA512
  
  6cd1213efd478bdbe842cc5c601cc9bfb674efbfef074992a2889d00865c66fea97adc7370c6f52cea383fc61f2d19d4f1eae4afa6f96563c18c95450c4a35dc
- SSDEEP
  
  12288:xdvu5JeQd0ubS6TtKoOfiC91iLXlg+O6yCNI7UKaEFEXdZI7I:/ueC9RtKoVi1ib2cNI7KXLI0
Score

8^/10

persistence
- Sets service image path in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2