897fdb2440fe6945aca51334daa169146eda8ff92262253bd9899f24ffee1d5e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

66d1b19a3a04aee5c125fd7f0ab50aee
Size

55KB
Sample

240119-f73kzsgdc8
MD5

66d1b19a3a04aee5c125fd7f0ab50aee
SHA1

4221af85c8624517f3c1d65f1f1625646a248958
SHA256

897fdb2440fe6945aca51334daa169146eda8ff92262253bd9899f24ffee1d5e
SHA512

d1e981e06092db016c50f262633e64d7be0a824bfcef3b53232c7aca76abe8909e6eaa06b51a5c72d84a3c5a57606d4fa54e139f48c935d4d2b7480bf212cdf0
SSDEEP

1536:wwC9+jsv6Mo1FGQJJ24jUlMpbiOzVRn+c:wH+QUGSLQuiiVR+c

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  66d1b19a3a04aee5c125fd7f0ab50aee
- Size
  
  55KB
- MD5
  
  66d1b19a3a04aee5c125fd7f0ab50aee
- SHA1
  
  4221af85c8624517f3c1d65f1f1625646a248958
- SHA256
  
  897fdb2440fe6945aca51334daa169146eda8ff92262253bd9899f24ffee1d5e
- SHA512
  
  d1e981e06092db016c50f262633e64d7be0a824bfcef3b53232c7aca76abe8909e6eaa06b51a5c72d84a3c5a57606d4fa54e139f48c935d4d2b7480bf212cdf0
- SSDEEP
  
  1536:wwC9+jsv6Mo1FGQJJ24jUlMpbiOzVRn+c:wH+QUGSLQuiiVR+c
Score

8^/10

persistence
- Drops file in Drivers directory
- Sets DLL path for service in the registry
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2