4f4e041170e31ceefdf3ee4e9b6e63ff327e781da698c8fc03c68fef8d58cf1f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3fc50146803244f3c4223079f98fb26
Size

15KB
Sample

240305-gy4blahc47
MD5

b3fc50146803244f3c4223079f98fb26
SHA1

c55c32c325c19737ad6f5de8057e0f51ae133533
SHA256

4f4e041170e31ceefdf3ee4e9b6e63ff327e781da698c8fc03c68fef8d58cf1f
SHA512

5a1cf5844145c223bacd9775f461c856d041620a2b8647acaf10be5bf8e34101a827eff33de486143e79c52bfbb7882a378a09dc60ace0937cfd251fc3eb76b9
SSDEEP

384:m8W/WoiGOu1TlaKDXf/haSAsw6vBmw6zhQ+16frbbn7:VKJbh2sw6dit16zT

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b3fc50146803244f3c4223079f98fb26
- Size
  
  15KB
- MD5
  
  b3fc50146803244f3c4223079f98fb26
- SHA1
  
  c55c32c325c19737ad6f5de8057e0f51ae133533
- SHA256
  
  4f4e041170e31ceefdf3ee4e9b6e63ff327e781da698c8fc03c68fef8d58cf1f
- SHA512
  
  5a1cf5844145c223bacd9775f461c856d041620a2b8647acaf10be5bf8e34101a827eff33de486143e79c52bfbb7882a378a09dc60ace0937cfd251fc3eb76b9
- SSDEEP
  
  384:m8W/WoiGOu1TlaKDXf/haSAsw6vBmw6zhQ+16frbbn7:VKJbh2sw6dit16zT
Score

8^/10

persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2