e05a779d1c29d28c2ea4b62d654a0fb59d63720dcc4a88a5adaee3073c2e1b23 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ZLIB.dll
Size

65KB
Sample

240416-we3naaab3z
MD5

6630c4a50ee101927349db6769d2441e
SHA1

df36406dfbb625479d6c82ab29724df4b269ab00
SHA256

e05a779d1c29d28c2ea4b62d654a0fb59d63720dcc4a88a5adaee3073c2e1b23
SHA512

f0f80e5c60291854142a1e6864b1012221f8a653067fc1b3e3df8f69e9dd81af1460f6ef664c3d6395559b8d35b7d9e654ce27c5331dc5b93df0bac16f7fc8ec
SSDEEP

768:cfucvnDf4JVtnMb3Fl65S9nTBLm/BG044jV9HOIKWxLRu9t8TspqzL6gk4XBo99:yf4VtM65+TwPxjV9xKWx8fUbBoHvZm

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ZLIB.dll
- Size
  
  65KB
- MD5
  
  6630c4a50ee101927349db6769d2441e
- SHA1
  
  df36406dfbb625479d6c82ab29724df4b269ab00
- SHA256
  
  e05a779d1c29d28c2ea4b62d654a0fb59d63720dcc4a88a5adaee3073c2e1b23
- SHA512
  
  f0f80e5c60291854142a1e6864b1012221f8a653067fc1b3e3df8f69e9dd81af1460f6ef664c3d6395559b8d35b7d9e654ce27c5331dc5b93df0bac16f7fc8ec
- SSDEEP
  
  768:cfucvnDf4JVtnMb3Fl65S9nTBLm/BG044jV9HOIKWxLRu9t8TspqzL6gk4XBo99:yf4VtM65+TwPxjV9xKWx8fUbBoHvZm
Score

8^/10

persistence
- Blocklisted process makes network request
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1