bbdd1e59d49bfb2089dff9d421a095ae32cda3469409b61926c0beea90e86d23 | Triage

Sharing

General

Target

639f5f45bbb24c1abcde313da787bb3b
Size

324KB
Sample

240117-z3676afcg5
MD5

639f5f45bbb24c1abcde313da787bb3b
SHA1

c986c3b93fe956c4c37c7c0edac01c62d1793393
SHA256

bbdd1e59d49bfb2089dff9d421a095ae32cda3469409b61926c0beea90e86d23
SHA512

14b92888055966ed5423f260a62b4a1c7ea0e67fa5d9dfc3869f22ccd1b6ca5b04333bcc86f427c64d61c5075480e7f41b270d24be9307f1b6177489fe11d817
SSDEEP

6144:dREyJZ3ysOUtVMzCxmfQNT2jy7JPRFTqhwTu:rEa3ys/hYQNT5J7gwTu

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  639f5f45bbb24c1abcde313da787bb3b
- Size
  
  324KB
- MD5
  
  639f5f45bbb24c1abcde313da787bb3b
- SHA1
  
  c986c3b93fe956c4c37c7c0edac01c62d1793393
- SHA256
  
  bbdd1e59d49bfb2089dff9d421a095ae32cda3469409b61926c0beea90e86d23
- SHA512
  
  14b92888055966ed5423f260a62b4a1c7ea0e67fa5d9dfc3869f22ccd1b6ca5b04333bcc86f427c64d61c5075480e7f41b270d24be9307f1b6177489fe11d817
- SSDEEP
  
  6144:dREyJZ3ysOUtVMzCxmfQNT2jy7JPRFTqhwTu:rEa3ys/hYQNT5J7gwTu
Score

8^/10

evasion persistence
- Disables taskbar notifications via registry modification
  evasion
- Modifies Installed Components in the registry
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2