364082f6d0adc5c3df471d152e8911cd2eb14c4138aa1f9bf26c10b70d2170f1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

364082f6d0adc5c3df471d152e8911cd2eb14c4138aa1f9bf26c10b70d2170f1
Size

1.2MB
Sample

231121-l59t6sed9x
MD5

994c9aeb02d8eaa1dcd71404a02f9544
SHA1

f0972513101d31e97fc3002d000c35f3cb98d6b2
SHA256

364082f6d0adc5c3df471d152e8911cd2eb14c4138aa1f9bf26c10b70d2170f1
SHA512

549e7984805fc75f42480e320351354607f8fab6232d13a9b8d6e135e919315f110191625a77e90d1ab85278af27d495e4b9197c84843c4513d31cf467fff91a
SSDEEP

24576:bNeEdQP8UilUXOb412+8sCKABZ3x1SBD+8tWKZ8vtAYkEDag5Upjb:b8ElUNXnSZKkNPSt+3IOtnfGJb

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  364082f6d0adc5c3df471d152e8911cd2eb14c4138aa1f9bf26c10b70d2170f1
- Size
  
  1.2MB
- MD5
  
  994c9aeb02d8eaa1dcd71404a02f9544
- SHA1
  
  f0972513101d31e97fc3002d000c35f3cb98d6b2
- SHA256
  
  364082f6d0adc5c3df471d152e8911cd2eb14c4138aa1f9bf26c10b70d2170f1
- SHA512
  
  549e7984805fc75f42480e320351354607f8fab6232d13a9b8d6e135e919315f110191625a77e90d1ab85278af27d495e4b9197c84843c4513d31cf467fff91a
- SSDEEP
  
  24576:bNeEdQP8UilUXOb412+8sCKABZ3x1SBD+8tWKZ8vtAYkEDag5Upjb:b8ElUNXnSZKkNPSt+3IOtnfGJb
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2