49fa1e3ade278183d65f2793f5cbf3f7ed438c268c151c03cfd32a6df05269a2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49fa1e3ade278183d65f2793f5cbf3f7ed438c268c151c03cfd32a6df05269a2
Size

4.1MB
Sample

240526-z9agrscd9v
MD5

5aa8122555093d56c18fae3a742c7657
SHA1

9d23748c1d258efe15ed16ea89de5f839d403456
SHA256

49fa1e3ade278183d65f2793f5cbf3f7ed438c268c151c03cfd32a6df05269a2
SHA512

c2deef9ec179e519c87607a025bcc8d7d59f30d7997379541acb5f7d61a50cb41d16c4b33d085b0236afb323ea5051094d15ba82090bbf7b8ea0ae8d097f1417
SSDEEP

98304:+R0pI/IQlUoMPdmpSpS4ADtnkgvNWlw6aTfN41v:+R0pIAQhMPdmh5n9klRKN41v

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  49fa1e3ade278183d65f2793f5cbf3f7ed438c268c151c03cfd32a6df05269a2
- Size
  
  4.1MB
- MD5
  
  5aa8122555093d56c18fae3a742c7657
- SHA1
  
  9d23748c1d258efe15ed16ea89de5f839d403456
- SHA256
  
  49fa1e3ade278183d65f2793f5cbf3f7ed438c268c151c03cfd32a6df05269a2
- SHA512
  
  c2deef9ec179e519c87607a025bcc8d7d59f30d7997379541acb5f7d61a50cb41d16c4b33d085b0236afb323ea5051094d15ba82090bbf7b8ea0ae8d097f1417
- SSDEEP
  
  98304:+R0pI/IQlUoMPdmpSpS4ADtnkgvNWlw6aTfN41v:+R0pIAQhMPdmh5n9klRKN41v
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2