d22597648335251996a97f84660e43d3c7c7eebacd024b2bb76f77bb220d7d55 | Triage

Sharing

General

Target

0e2be8da7d4a4a0d70d15ba6313439d5
Size

42KB
Sample

231230-ewmvqadhc3
MD5

0e2be8da7d4a4a0d70d15ba6313439d5
SHA1

4b7b8455c68b1aac7678cea762fbe20fd67f59d9
SHA256

d22597648335251996a97f84660e43d3c7c7eebacd024b2bb76f77bb220d7d55
SHA512

08582389ef419ab62693d391c45909a787f79003bf8cee44dd64e15f2a6976c50a14f117fd9b1f1a4b4592e3dc930ad48d3f7606c706ba66d8c9803aea9fd80f
SSDEEP

768:JLOSDHx0XCobC4T9KFKXRqDqi8Qp02D0g8pPJl5LSN:JLV72q5IXnLQpX0g8pP/dSN

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  0e2be8da7d4a4a0d70d15ba6313439d5
- Size
  
  42KB
- MD5
  
  0e2be8da7d4a4a0d70d15ba6313439d5
- SHA1
  
  4b7b8455c68b1aac7678cea762fbe20fd67f59d9
- SHA256
  
  d22597648335251996a97f84660e43d3c7c7eebacd024b2bb76f77bb220d7d55
- SHA512
  
  08582389ef419ab62693d391c45909a787f79003bf8cee44dd64e15f2a6976c50a14f117fd9b1f1a4b4592e3dc930ad48d3f7606c706ba66d8c9803aea9fd80f
- SSDEEP
  
  768:JLOSDHx0XCobC4T9KFKXRqDqi8Qp02D0g8pPJl5LSN:JLV72q5IXnLQpX0g8pP/dSN
Score

8^/10

persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2