f9fd16190c55b9be5c4416c0e65ff62ff1dfe6bc0554d425a9b8e37e601dc7a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9fd16190c55b9be5c4416c0e65ff62ff1dfe6bc0554d425a9b8e37e601dc7a1
Size

73KB
Sample

240530-nrrgsagg97
MD5

a8a04f828fa3cc7c1472c778aff79adc
SHA1

3109e1189fb66af05db631ba910edd6d5fb9d059
SHA256

f9fd16190c55b9be5c4416c0e65ff62ff1dfe6bc0554d425a9b8e37e601dc7a1
SHA512

7b58e903bdb9e3d02bd0d49213bd0c7a9f2e677d2c408a0a0496d9b4063ce2f821248f6d7c6558fee1be21cfd0174dc27b4c310430fab4d7a531cb95159d1a2d
SSDEEP

768:agO5xRYi+SfSWHHNvvG5bnl/NqNwsKVDstHxYD0p1aXKynF0vQmYZS0HdJnfWOB:RshfSWHHNvoLqNwDDGw02eQmh0HjWOB

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  f9fd16190c55b9be5c4416c0e65ff62ff1dfe6bc0554d425a9b8e37e601dc7a1
- Size
  
  73KB
- MD5
  
  a8a04f828fa3cc7c1472c778aff79adc
- SHA1
  
  3109e1189fb66af05db631ba910edd6d5fb9d059
- SHA256
  
  f9fd16190c55b9be5c4416c0e65ff62ff1dfe6bc0554d425a9b8e37e601dc7a1
- SHA512
  
  7b58e903bdb9e3d02bd0d49213bd0c7a9f2e677d2c408a0a0496d9b4063ce2f821248f6d7c6558fee1be21cfd0174dc27b4c310430fab4d7a531cb95159d1a2d
- SSDEEP
  
  768:agO5xRYi+SfSWHHNvvG5bnl/NqNwsKVDstHxYD0p1aXKynF0vQmYZS0HdJnfWOB:RshfSWHHNvoLqNwDDGw02eQmh0HjWOB
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2