669dc34e94c1cd6b719280955e1d2d03dfffba1d80de89a8d9d7887ca5b25917 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

669dc34e94c1cd6b719280955e1d2d03dfffba1d80de89a8d9d7887ca5b25917
Size

75KB
Sample

240523-rwbhxaed3z
MD5

ac4a91e875124fc41911073af85467c5
SHA1

2ff8c2847222546f05f70a76082fd9977090e2df
SHA256

669dc34e94c1cd6b719280955e1d2d03dfffba1d80de89a8d9d7887ca5b25917
SHA512

b43820ce74f601915c2fe22b278d72bb1c032952ef02d143ce1cfe3017e89e6eb0c5a24fd6ede8bed32f084323eb16bc98bcb0a7edd0a35333daa9e40bd7513a
SSDEEP

1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOe9r:GhfxHNIreQm+Hil9r

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  669dc34e94c1cd6b719280955e1d2d03dfffba1d80de89a8d9d7887ca5b25917
- Size
  
  75KB
- MD5
  
  ac4a91e875124fc41911073af85467c5
- SHA1
  
  2ff8c2847222546f05f70a76082fd9977090e2df
- SHA256
  
  669dc34e94c1cd6b719280955e1d2d03dfffba1d80de89a8d9d7887ca5b25917
- SHA512
  
  b43820ce74f601915c2fe22b278d72bb1c032952ef02d143ce1cfe3017e89e6eb0c5a24fd6ede8bed32f084323eb16bc98bcb0a7edd0a35333daa9e40bd7513a
- SSDEEP
  
  1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOe9r:GhfxHNIreQm+Hil9r
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2