933a174b20c4950688fe031b8a148c27feba78c7517a2c60bb6ad3720ab0fe34 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f54fb3ec09cdaafc930dd45f96f72435
Size

130KB
Sample

231222-t5dezahdhn
MD5

f54fb3ec09cdaafc930dd45f96f72435
SHA1

715b50dd096520d65f4d2d93b3df587894bb9ff1
SHA256

933a174b20c4950688fe031b8a148c27feba78c7517a2c60bb6ad3720ab0fe34
SHA512

6f4d0699118dfeccc95b5ee1e702a67eacb8cf3140259932cca5280e8b3095897bdbc4b583cc6277de733a86402eb5bfbf861cdec4468ed26a3f754e7f773dbe
SSDEEP

1536:Y/+J/2d2Bv/JDFYxG0//xLHIgdrXHfmmQVZfLrmtfwGpi+x8k0Ysu06ouqA4w8oX:Y/I2cKfZvFXHfmlDsco+Wf+J8xbvxToW

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  f54fb3ec09cdaafc930dd45f96f72435
- Size
  
  130KB
- MD5
  
  f54fb3ec09cdaafc930dd45f96f72435
- SHA1
  
  715b50dd096520d65f4d2d93b3df587894bb9ff1
- SHA256
  
  933a174b20c4950688fe031b8a148c27feba78c7517a2c60bb6ad3720ab0fe34
- SHA512
  
  6f4d0699118dfeccc95b5ee1e702a67eacb8cf3140259932cca5280e8b3095897bdbc4b583cc6277de733a86402eb5bfbf861cdec4468ed26a3f754e7f773dbe
- SSDEEP
  
  1536:Y/+J/2d2Bv/JDFYxG0//xLHIgdrXHfmmQVZfLrmtfwGpi+x8k0Ysu06ouqA4w8oX:Y/I2cKfZvFXHfmlDsco+Wf+J8xbvxToW
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Proxy

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2