1cf392ab0d49133b6dcab7ebb9dc94c60a22cf048ec47486b8f4110a595f09e6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1cf392ab0d49133b6dcab7ebb9dc94c60a22cf048ec47486b8f4110a595f09e6
Size

76KB
Sample

240531-haqahaah33
MD5

263b48b0a41b33eb60e6ff30c38dc194
SHA1

054ecea0f19f3877a5cf2bf7a66a3af984f5efd5
SHA256

1cf392ab0d49133b6dcab7ebb9dc94c60a22cf048ec47486b8f4110a595f09e6
SHA512

e63c0827854b4360ca174ae5235313c69992c6ffc50d62abce7bd31d104f199243690dd36b937601ec86cf40c2ee2077cbe2be169df919732d3bfe7f4221dfe9
SSDEEP

1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOcl:GhfxHNIreQm+HiVl

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  1cf392ab0d49133b6dcab7ebb9dc94c60a22cf048ec47486b8f4110a595f09e6
- Size
  
  76KB
- MD5
  
  263b48b0a41b33eb60e6ff30c38dc194
- SHA1
  
  054ecea0f19f3877a5cf2bf7a66a3af984f5efd5
- SHA256
  
  1cf392ab0d49133b6dcab7ebb9dc94c60a22cf048ec47486b8f4110a595f09e6
- SHA512
  
  e63c0827854b4360ca174ae5235313c69992c6ffc50d62abce7bd31d104f199243690dd36b937601ec86cf40c2ee2077cbe2be169df919732d3bfe7f4221dfe9
- SSDEEP
  
  1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOcl:GhfxHNIreQm+HiVl
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2