4def281fb52e2438b45f8d5294e19222b234b2ad999b95969e77f79c25a54437 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4def281fb52e2438b45f8d5294e19222b234b2ad999b95969e77f79c25a54437
Size

2.5MB
Sample

231107-jlv6kaeg26
MD5

e133664b4a0761ff51f2c3606e1bf034
SHA1

1ae5fe3a9dd53cbc1fa199b921656da6578acfbc
SHA256

4def281fb52e2438b45f8d5294e19222b234b2ad999b95969e77f79c25a54437
SHA512

79e15bc774b00260f30f9888796e469c56025a910123a27c364abd2b827b0dff070491aa23844024a984630b47c0587d003dd8e707c83cd5bb11200ff453894a
SSDEEP

49152:Mqe3f6S5L53l9NQ724MXwuJQ9iEpWHGG2Jm:ZSi03jNDqSwTCww

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  4def281fb52e2438b45f8d5294e19222b234b2ad999b95969e77f79c25a54437
- Size
  
  2.5MB
- MD5
  
  e133664b4a0761ff51f2c3606e1bf034
- SHA1
  
  1ae5fe3a9dd53cbc1fa199b921656da6578acfbc
- SHA256
  
  4def281fb52e2438b45f8d5294e19222b234b2ad999b95969e77f79c25a54437
- SHA512
  
  79e15bc774b00260f30f9888796e469c56025a910123a27c364abd2b827b0dff070491aa23844024a984630b47c0587d003dd8e707c83cd5bb11200ff453894a
- SSDEEP
  
  49152:Mqe3f6S5L53l9NQ724MXwuJQ9iEpWHGG2Jm:ZSi03jNDqSwTCww
Score

8^/10

discovery persistence
- Creates new service(s)
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence