2facae0316bb398d1895af1248d21cb3e88f83da4b8c0eeaef4f837d1bc98799 | Triage

Sharing

General

Target

c9c2ca31ac824ed5653a26d433d30e8e
Size

208KB
Sample

240314-19bkhaha3s
MD5

c9c2ca31ac824ed5653a26d433d30e8e
SHA1

a8ed6c5f097e03ba9c5380b28e23b222ec882fe9
SHA256

2facae0316bb398d1895af1248d21cb3e88f83da4b8c0eeaef4f837d1bc98799
SHA512

743c495e8970670486f6fab76c0a28ac705e7dbd0043c29012e7f77b1926aad15c3e3989a29877bb3d1760c4b1e58ff2f8c05efa57898d3ba6c176fb9ef0dde0
SSDEEP

3072:BltUotXpzghxJ2Gb8epdi6e81o82p/JDuGIl+JKWMocftvX:ftmx3dN71n2p/JDuRl+JKWMP

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c9c2ca31ac824ed5653a26d433d30e8e
- Size
  
  208KB
- MD5
  
  c9c2ca31ac824ed5653a26d433d30e8e
- SHA1
  
  a8ed6c5f097e03ba9c5380b28e23b222ec882fe9
- SHA256
  
  2facae0316bb398d1895af1248d21cb3e88f83da4b8c0eeaef4f837d1bc98799
- SHA512
  
  743c495e8970670486f6fab76c0a28ac705e7dbd0043c29012e7f77b1926aad15c3e3989a29877bb3d1760c4b1e58ff2f8c05efa57898d3ba6c176fb9ef0dde0
- SSDEEP
  
  3072:BltUotXpzghxJ2Gb8epdi6e81o82p/JDuGIl+JKWMocftvX:ftmx3dN71n2p/JDuRl+JKWMP
Score

8^/10

persistence
- Sets service image path in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2