c386aec50c9adc20922d419e1161d3676771140d58d0e74f71fde232c0a97d87 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c0ae32452e5bb9d746fd5c7e86f7375
Size

591KB
Sample

240101-gf2eaafcd5
MD5

3c0ae32452e5bb9d746fd5c7e86f7375
SHA1

a379f1a361bf5e83f78ce9af053e4667298809aa
SHA256

c386aec50c9adc20922d419e1161d3676771140d58d0e74f71fde232c0a97d87
SHA512

88c25d9bd15227676f35a81655c5ac775c15a7fccfbe966b9e2b2ee08923716b1f40935eaa7d2148d9af836515c215ded74a25c49a550c931116693c39ec2474
SSDEEP

12288:c9Ny+YnjhYKmSllXJomvamiYZ+BOBgmp9oip3R+h+t:c3ynB5llXmmrZEeHp9oip3R

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  3c0ae32452e5bb9d746fd5c7e86f7375
- Size
  
  591KB
- MD5
  
  3c0ae32452e5bb9d746fd5c7e86f7375
- SHA1
  
  a379f1a361bf5e83f78ce9af053e4667298809aa
- SHA256
  
  c386aec50c9adc20922d419e1161d3676771140d58d0e74f71fde232c0a97d87
- SHA512
  
  88c25d9bd15227676f35a81655c5ac775c15a7fccfbe966b9e2b2ee08923716b1f40935eaa7d2148d9af836515c215ded74a25c49a550c931116693c39ec2474
- SSDEEP
  
  12288:c9Ny+YnjhYKmSllXJomvamiYZ+BOBgmp9oip3R+h+t:c3ynB5llXmmrZEeHp9oip3R
Score

8^/10

persistence
- Modifies AppInit DLL entries
  persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2