0f4e573141c39156da0c48d8b1e2171b9089fe4497d31fa3f9f4f23d9d05c027 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10b5211afd960269d4fe6658d90ad20f
Size

360KB
Sample

231230-gwa72aabhl
MD5

10b5211afd960269d4fe6658d90ad20f
SHA1

f8090a5b189f41137d209dffd51d298660d967a6
SHA256

0f4e573141c39156da0c48d8b1e2171b9089fe4497d31fa3f9f4f23d9d05c027
SHA512

d9439c81e63ec13e335ce6652b2ff853a5a97047c098c7f694655b918533af839f940ecebfb70efa0556020ad57709e49f5909cede2c0e998ddf55593b24ea76
SSDEEP

6144:f1EY61Rx6+XFBtpHdiFsuOP+Ne6JC5OVK5UQL81qItzv69HFJsaQdBZpjpOMlJ:yY673lpHdKKP+NRC5OVskqI5i9HFJ9iH

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  10b5211afd960269d4fe6658d90ad20f
- Size
  
  360KB
- MD5
  
  10b5211afd960269d4fe6658d90ad20f
- SHA1
  
  f8090a5b189f41137d209dffd51d298660d967a6
- SHA256
  
  0f4e573141c39156da0c48d8b1e2171b9089fe4497d31fa3f9f4f23d9d05c027
- SHA512
  
  d9439c81e63ec13e335ce6652b2ff853a5a97047c098c7f694655b918533af839f940ecebfb70efa0556020ad57709e49f5909cede2c0e998ddf55593b24ea76
- SSDEEP
  
  6144:f1EY61Rx6+XFBtpHdiFsuOP+Ne6JC5OVK5UQL81qItzv69HFJsaQdBZpjpOMlJ:yY673lpHdKKP+NRC5OVskqI5i9HFJ9iH
Score

8^/10

persistence
- Sets DLL path for service in the registry
  persistence
- Deletes itself
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2