46b079d9752ea9279b8536f20c257179855a3bdda7e8055353a0c68a4c86a106 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

RR.rar
Size

380KB
Sample

240409-1c85hacb65
MD5

55156234bd95b285107c6dd59b0832aa
SHA1

424486acc923154e8096cbd8d79025cd76b26d4e
SHA256

46b079d9752ea9279b8536f20c257179855a3bdda7e8055353a0c68a4c86a106
SHA512

2d893d660fdd1fd7565b8ab1737f1e1c5e949494f1bbaa376b368195d3844a46ded5aa7dc777666b8da5f6ca70d78ba4abc9a7d4054871e4e3a0f50b92ad81fa
SSDEEP

6144:7UbULo3vhScC6vCXyMNeUgO1hzloTAXBiL0ji8XS3cIewZ9qRAEmqED1hIVahe:wbNhScCPX/0KheTYBPW8XVGZAOnEN

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  #RR/#RR/hehe.exe
- Size
  
  876KB
- MD5
  
  a9ef9d87f6f9c875aa8a86b5789273d9
- SHA1
  
  e2ceb628fbfc6e5aff4cf67231bdd394cb963ab1
- SHA256
  
  1de94f93f8f180cc99e9975723588bae5be02aa62dd91c58db8d2414fcadd7f5
- SHA512
  
  02f97dd171535e469aa8831dcd3079346790c464fd2c2240b79bef1d560d0d9303d13e670cb92de258860f6b22648b80044df6b61db1b15b3fd65e04af4ae81a
- SSDEEP
  
  24576:Prj9+JH7qH3dVb6lt2qxLtI912Wfxg8dKdB:TjIJbqHNVm+qzI12sxg8
Score

8^/10

persistence
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2