a6fa4015cf573a5a9724e4d004f4f1b0978c6be29acc187acf8a93487d4011d4 | Triage

Sharing

General

Target

a6fa4015cf573a5a9724e4d004f4f1b0978c6be29acc187acf8a93487d4011d4
Size

460KB
Sample

231125-yrr4esce25
MD5

c9f5a84d240a4102e4bc7e57e02a0a16
SHA1

32f074b7ef4aa4a4bf572a6282139a46b9004c30
SHA256

a6fa4015cf573a5a9724e4d004f4f1b0978c6be29acc187acf8a93487d4011d4
SHA512

35d49308b65b54900b3dc8610d4ef91e8b489874fc9e4549560bb1980f67cab3485c5117f4558426229733dc14e06bb61f783d4f84a1eb6ef52573cf50ec9b89
SSDEEP

3072:deIbIHxwt0KHBdMDSBgR74kvt9GeZRSdrxGR3sYpkWCcsOiOOmB/JJpuh:de/HWTHvMuORbv3Krxa3sikmDXJpi

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a6fa4015cf573a5a9724e4d004f4f1b0978c6be29acc187acf8a93487d4011d4
- Size
  
  460KB
- MD5
  
  c9f5a84d240a4102e4bc7e57e02a0a16
- SHA1
  
  32f074b7ef4aa4a4bf572a6282139a46b9004c30
- SHA256
  
  a6fa4015cf573a5a9724e4d004f4f1b0978c6be29acc187acf8a93487d4011d4
- SHA512
  
  35d49308b65b54900b3dc8610d4ef91e8b489874fc9e4549560bb1980f67cab3485c5117f4558426229733dc14e06bb61f783d4f84a1eb6ef52573cf50ec9b89
- SSDEEP
  
  3072:deIbIHxwt0KHBdMDSBgR74kvt9GeZRSdrxGR3sYpkWCcsOiOOmB/JJpuh:de/HWTHvMuORbv3Krxa3sikmDXJpi
Score

8^/10

persistence
- Blocklisted process makes network request
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2