9dc11fa06d9a71fa786726bf3e902e81f3a10fda7b5e7fb8f9885432d3d15f47 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

282e86dfc6a55b5c1411919f8ca6a059
Size

33KB
Sample

231231-e4cpqadfg2
MD5

282e86dfc6a55b5c1411919f8ca6a059
SHA1

bcee2f3048db7ac97650cf8bd9b4bfcdbc5565ac
SHA256

9dc11fa06d9a71fa786726bf3e902e81f3a10fda7b5e7fb8f9885432d3d15f47
SHA512

257ae8314c642d794c4f2ed6d99f19eb64c3d5a67750228dd585e1309cf40d7a2e1258fef085db759da0da2f09770147bf8ad7a73a8803641e0f341b2e73a305
SSDEEP

384:+RnFbBh3z3r39n3c8dMdOuMuqFn3rVaGEg0pvIQ4yKSDshEipJgLa0Mp8Bf5KKYJ:InFbsqFbXEgKjCgLa1EsKYdmCb0P4

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  282e86dfc6a55b5c1411919f8ca6a059
- Size
  
  33KB
- MD5
  
  282e86dfc6a55b5c1411919f8ca6a059
- SHA1
  
  bcee2f3048db7ac97650cf8bd9b4bfcdbc5565ac
- SHA256
  
  9dc11fa06d9a71fa786726bf3e902e81f3a10fda7b5e7fb8f9885432d3d15f47
- SHA512
  
  257ae8314c642d794c4f2ed6d99f19eb64c3d5a67750228dd585e1309cf40d7a2e1258fef085db759da0da2f09770147bf8ad7a73a8803641e0f341b2e73a305
- SSDEEP
  
  384:+RnFbBh3z3r39n3c8dMdOuMuqFn3rVaGEg0pvIQ4yKSDshEipJgLa0Mp8Bf5KKYJ:InFbsqFbXEgKjCgLa1EsKYdmCb0P4
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2