7262d129f16e24f65e6139a28d2c04f64fb9864b0f9421a7466da8abc3318207 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6779688f011f62b752a32786d1fce96
Size

347KB
Sample

240319-sxpycsga7x
MD5

d6779688f011f62b752a32786d1fce96
SHA1

3d1042eb8e33d917ab36647c3b88c9445486ca38
SHA256

7262d129f16e24f65e6139a28d2c04f64fb9864b0f9421a7466da8abc3318207
SHA512

4acf297ada6d06285ea0ced1ecead988baa7b24f343be93f47b716dcff1e89a7b0da428e772f83e3a0a302ed1177ed368e148c96a7120881df35074653c5fd44
SSDEEP

6144:We34OcZSGpcgmKxjbT6WsuvOlCStqbI01RW7iTaIoUZzSdeMlBpx6JTv:3cAuJH6DCMqsCRWPI3HMWJT

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  d6779688f011f62b752a32786d1fce96
- Size
  
  347KB
- MD5
  
  d6779688f011f62b752a32786d1fce96
- SHA1
  
  3d1042eb8e33d917ab36647c3b88c9445486ca38
- SHA256
  
  7262d129f16e24f65e6139a28d2c04f64fb9864b0f9421a7466da8abc3318207
- SHA512
  
  4acf297ada6d06285ea0ced1ecead988baa7b24f343be93f47b716dcff1e89a7b0da428e772f83e3a0a302ed1177ed368e148c96a7120881df35074653c5fd44
- SSDEEP
  
  6144:We34OcZSGpcgmKxjbT6WsuvOlCStqbI01RW7iTaIoUZzSdeMlBpx6JTv:3cAuJH6DCMqsCRWPI3HMWJT
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  44KB
- MD5
  
  3599d30554ad65dc29fc689217d2152e
- SHA1
  
  8f5fcc313b667a1de2d56573bcf98d43fd0d4ff9
- SHA256
  
  1af3ac7d3176af42e8594ba0c33821d3318f4eea5cbb799bf8fab58e480efe0e
- SHA512
  
  846776b1d908b5204667715ffdfd3a6c76dface1677e8b1e5156ceac2ef0a739f68b48ccbb919c9e08d6ff359a93174bf0b90def7d48cee54cd3c41d8d8575f2
- SSDEEP
  
  768:oY6+2hD1lu3SFh80Z9pe7nJRJ3QN8DOUVowlo+J:76xhZlM0h/9panJ73CSFl
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  00a0194c20ee912257df53bfe258ee4a
- SHA1
  
  d7b4e319bc5119024690dc8230b9cc919b1b86b2
- SHA256
  
  dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
- SHA512
  
  3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral5 behavioral6
- Target
  
  PrivacyPlusC.exe
- Size
  
  717KB
- MD5
  
  7dc203b3bb1650b9e687a7bfc35200a4
- SHA1
  
  c3424912ced4e706109cb37dfd6fcfac112a35c1
- SHA256
  
  7e4e5ca8bc68ef6fbbf2b6bb032c332e28937a9f8fd7e5a18314da8f2cbc9e40
- SHA512
  
  545a422c79fceffc400e7f8a6cee9edaac86d77ce02c0ff8752ed1b29a4393f5ccf903df03466f90ef440781b253373689f0dd4a31b1a5b781d42096ea991cf9
- SSDEEP
  
  6144:Zp6ghjY6nmktsJ1tbNgYbbz1MkP6ZKsRTj96JpL5GbKEiD+aH0O12I9UrGWMEszh:Ze//trh6QsRT56JW6Dj5PSvO
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8