f64fad4e0ae6d3ac7dd651222e1215f32c14986e5f300a1df93a3ae49964c7e8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f64fad4e0ae6d3ac7dd651222e1215f32c14986e5f300a1df93a3ae49964c7e8
Size

80KB
Sample

240527-2tl7qsch9s
MD5

46ca20ebeff93c3c0512144c9e07ca5e
SHA1

85c5971b7418ca38d07277d1133e9a5a07c4f0ec
SHA256

f64fad4e0ae6d3ac7dd651222e1215f32c14986e5f300a1df93a3ae49964c7e8
SHA512

8b8b2a8746a1b58d76edf6e1cd9105a683ae74882ba50c450c388ef42d822d0a9d959ec4b6b6af0daf5f2cab5946b25561d6632f5e50ff24df25206cfca57be6
SSDEEP

1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWODinikpj:GhfxHNIreQm+Hikinikpj

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  f64fad4e0ae6d3ac7dd651222e1215f32c14986e5f300a1df93a3ae49964c7e8
- Size
  
  80KB
- MD5
  
  46ca20ebeff93c3c0512144c9e07ca5e
- SHA1
  
  85c5971b7418ca38d07277d1133e9a5a07c4f0ec
- SHA256
  
  f64fad4e0ae6d3ac7dd651222e1215f32c14986e5f300a1df93a3ae49964c7e8
- SHA512
  
  8b8b2a8746a1b58d76edf6e1cd9105a683ae74882ba50c450c388ef42d822d0a9d959ec4b6b6af0daf5f2cab5946b25561d6632f5e50ff24df25206cfca57be6
- SSDEEP
  
  1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWODinikpj:GhfxHNIreQm+Hikinikpj
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2