13bb66188c0414b1877c0932a60dcf02c14a00e9bbdd93f8a84a72aab728e711 | Triage

Sharing

General

Target

6ad65da4a8999897c2bbaea1c88c9f39
Size

124KB
Sample

231226-nlwjjsebc2
MD5

6ad65da4a8999897c2bbaea1c88c9f39
SHA1

a4966349d1fd70dca26314b0304e1673b4e3cdce
SHA256

13bb66188c0414b1877c0932a60dcf02c14a00e9bbdd93f8a84a72aab728e711
SHA512

7902b459f2a84c24211991e3884fc34df1175e74cc288c4c69d785765162bd00f17115bb56c82703c08b85d51f50b7f04d7bf140f8320ec2dacb6a6e53d6e165
SSDEEP

3072:WMV27Wolfw3I3Y5jiQVZQrKCD+RRluJVrLDvwl0:WMVClfw4IkQ0URrujDk

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  6ad65da4a8999897c2bbaea1c88c9f39
- Size
  
  124KB
- MD5
  
  6ad65da4a8999897c2bbaea1c88c9f39
- SHA1
  
  a4966349d1fd70dca26314b0304e1673b4e3cdce
- SHA256
  
  13bb66188c0414b1877c0932a60dcf02c14a00e9bbdd93f8a84a72aab728e711
- SHA512
  
  7902b459f2a84c24211991e3884fc34df1175e74cc288c4c69d785765162bd00f17115bb56c82703c08b85d51f50b7f04d7bf140f8320ec2dacb6a6e53d6e165
- SSDEEP
  
  3072:WMV27Wolfw3I3Y5jiQVZQrKCD+RRluJVrLDvwl0:WMVClfw4IkQ0URrujDk
Score

8^/10

persistence
- Sets DLL path for service in the registry
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2