34fb84c46783bebdf15caede429ba6d72ebdba23360a8067df0f01463614c538 | Triage

Sharing

General

Target

778f9b2f5ed649514c82b93e5f314a69
Size

581KB
Sample

240126-rekegsggdm
MD5

778f9b2f5ed649514c82b93e5f314a69
SHA1

7417a710e30731874c84b86afc543f4c3187b749
SHA256

34fb84c46783bebdf15caede429ba6d72ebdba23360a8067df0f01463614c538
SHA512

d42c8edbb48828122e655bf086e5ce1f1d137339cb3163d3975ef0086fb5b1204c54a0cd1bb043b5ac5c5632b377b726a6fa82842ad46d86deb18490c0ec6a56
SSDEEP

12288:yMH8l0btikVa39/jGsF3Z4mxxuW2+rDxVkVnKrpJp+:yTN9/j1QmXuWbr980c

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  778f9b2f5ed649514c82b93e5f314a69
- Size
  
  581KB
- MD5
  
  778f9b2f5ed649514c82b93e5f314a69
- SHA1
  
  7417a710e30731874c84b86afc543f4c3187b749
- SHA256
  
  34fb84c46783bebdf15caede429ba6d72ebdba23360a8067df0f01463614c538
- SHA512
  
  d42c8edbb48828122e655bf086e5ce1f1d137339cb3163d3975ef0086fb5b1204c54a0cd1bb043b5ac5c5632b377b726a6fa82842ad46d86deb18490c0ec6a56
- SSDEEP
  
  12288:yMH8l0btikVa39/jGsF3Z4mxxuW2+rDxVkVnKrpJp+:yTN9/j1QmXuWbr980c
Score

8^/10

persistence
- Sets DLL path for service in the registry
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2