e55c7b3a56b807f31c8d68bf8c157da9e80522a60a3e4d3be90e101ff85c9ef8 | Triage

Sharing

General

Target

f9881c6c96dbc5d18764ba0a11b45f91
Size

127KB
Sample

231228-1dcspahcgl
MD5

f9881c6c96dbc5d18764ba0a11b45f91
SHA1

b572ff448413b40259b48b288eb8c91e70b6186c
SHA256

e55c7b3a56b807f31c8d68bf8c157da9e80522a60a3e4d3be90e101ff85c9ef8
SHA512

4bce771d25286fce7570165e82dadf6f6dbbac1760afd7bd2f0c6262c2509b7c595b1c963b4a83314fcf5ae39779081ffdc905360351ba5fdd73e2c52fc8300c
SSDEEP

3072:ifC0OGQDdZJPESvZPHojlJ6+NOctcUoDthgM3X73OL5PFn0wcccccccc:MfOBvvVHojq+FoDAs30PFn0wcccccccc

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f9881c6c96dbc5d18764ba0a11b45f91
- Size
  
  127KB
- MD5
  
  f9881c6c96dbc5d18764ba0a11b45f91
- SHA1
  
  b572ff448413b40259b48b288eb8c91e70b6186c
- SHA256
  
  e55c7b3a56b807f31c8d68bf8c157da9e80522a60a3e4d3be90e101ff85c9ef8
- SHA512
  
  4bce771d25286fce7570165e82dadf6f6dbbac1760afd7bd2f0c6262c2509b7c595b1c963b4a83314fcf5ae39779081ffdc905360351ba5fdd73e2c52fc8300c
- SSDEEP
  
  3072:ifC0OGQDdZJPESvZPHojlJ6+NOctcUoDthgM3X73OL5PFn0wcccccccc:MfOBvvVHojq+FoDAs30PFn0wcccccccc
Score

8^/10

persistence
- Blocklisted process makes network request
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2