d1ca033e2cffb8d392975c8690e9c498bcb320f780d2277faa881f64ba6f5832 | Triage

Sharing

General

Target

d1ca033e2cffb8d392975c8690e9c498bcb320f780d2277faa881f64ba6f5832
Size

5.5MB
Sample

240524-d75z1abg38
MD5

5a74dce08eea9032012d474840ef7d52
SHA1

a5d0a5c81c2dc32a9b6fdb919b82b3d42ee8c5a4
SHA256

d1ca033e2cffb8d392975c8690e9c498bcb320f780d2277faa881f64ba6f5832
SHA512

1218667da0142e1d29345dce36044d4a08ce251e70576643b5ff163efa5e05f8188c2f842c1b57770d365accccc34e317f8f7a556439f5b82f3c1e9c90c6232b
SSDEEP

98304:oseHlHdc5b9dXLVi2xIb7S1fw7pXyZ7oz0R5uz0rbJagkW7kOLIx1qxz8hjFrZBG:Bem17h10XvwPhagz7q2wNPQ00R

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  d1ca033e2cffb8d392975c8690e9c498bcb320f780d2277faa881f64ba6f5832
- Size
  
  5.5MB
- MD5
  
  5a74dce08eea9032012d474840ef7d52
- SHA1
  
  a5d0a5c81c2dc32a9b6fdb919b82b3d42ee8c5a4
- SHA256
  
  d1ca033e2cffb8d392975c8690e9c498bcb320f780d2277faa881f64ba6f5832
- SHA512
  
  1218667da0142e1d29345dce36044d4a08ce251e70576643b5ff163efa5e05f8188c2f842c1b57770d365accccc34e317f8f7a556439f5b82f3c1e9c90c6232b
- SSDEEP
  
  98304:oseHlHdc5b9dXLVi2xIb7S1fw7pXyZ7oz0R5uz0rbJagkW7kOLIx1qxz8hjFrZBG:Bem17h10XvwPhagz7q2wNPQ00R
Score

8^/10

persistence
- Sets file execution options in registry
  persistence
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2