998a9ec980103557b8d5dd8712daf5f9c9c349d22b63fb2f6a1cb0f86232ce9c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9ca38a30ab317120dd0f0d2c6c5a1edd04259cf63269c7121707c9bc70f239d7.exe.zip
Size

3.6MB
Sample

231231-b517xsgccl
MD5

b9f4739e25533ae5b5abc1b96f13916e
SHA1

c3cec823367c490c66dc2c415b10d3c3347a4c2f
SHA256

998a9ec980103557b8d5dd8712daf5f9c9c349d22b63fb2f6a1cb0f86232ce9c
SHA512

5e605ff700eb58ff6e4d0fedbc546160af9316c3fb360f939e231cdee32f1697497679131784851c3f978b3c5c8788fc55406176ddda38b6735b44114144ccd3
SSDEEP

98304:rzTJuCTVUXxfTRzs2se4J8jHCE+e+QA0oUW:rJuCTwdFzdsdJ6Aeg0HW

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  9ca38a30ab317120dd0f0d2c6c5a1edd04259cf63269c7121707c9bc70f239d7.exe
- Size
  
  3.6MB
- MD5
  
  72b5dabb54b8e5670356196f7acb1451
- SHA1
  
  b276e1f3adef604c3c3a3ef81b85cc1eef5eda8e
- SHA256
  
  9ca38a30ab317120dd0f0d2c6c5a1edd04259cf63269c7121707c9bc70f239d7
- SHA512
  
  66e769bdf04a92a23c616184b5f5fe5bbb060f9749a4e62d571835286fa5d7d1025d6be0be4387f2d3e2deca44155a8dd5e814ba8d20ab55985beba7fa509423
- SSDEEP
  
  98304:TWMpvfckkBJM/tBFENRK+pvpIpW1afQtU1/a:TWMpvfpq2BELKmvYo
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2