6df62f50ef8049a160d111b8aefa9722b3b1aaf34203794f00255fea743f0d9e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6df62f50ef8049a160d111b8aefa9722b3b1aaf34203794f00255fea743f0d9e
Size

135KB
Sample

240604-2s416aeb51
MD5

ca061d69d65607eb03c27754d8d537c3
SHA1

c9a458371fb943ba4e315a6e2b65c54a4a394bab
SHA256

6df62f50ef8049a160d111b8aefa9722b3b1aaf34203794f00255fea743f0d9e
SHA512

93317c9ad055fd72c077fd4baff6f9badfdde8abc970372629a39b592f2dc4f56aaad8b606812e1c27cf84825f9431434a270e1f715308f8f0a30ca266d557cf
SSDEEP

1536:UfsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbVBB:UVqoCl/YgjxEufVU0TbTyDDal7B

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  6df62f50ef8049a160d111b8aefa9722b3b1aaf34203794f00255fea743f0d9e
- Size
  
  135KB
- MD5
  
  ca061d69d65607eb03c27754d8d537c3
- SHA1
  
  c9a458371fb943ba4e315a6e2b65c54a4a394bab
- SHA256
  
  6df62f50ef8049a160d111b8aefa9722b3b1aaf34203794f00255fea743f0d9e
- SHA512
  
  93317c9ad055fd72c077fd4baff6f9badfdde8abc970372629a39b592f2dc4f56aaad8b606812e1c27cf84825f9431434a270e1f715308f8f0a30ca266d557cf
- SSDEEP
  
  1536:UfsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbVBB:UVqoCl/YgjxEufVU0TbTyDDal7B
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence