6a0be29f5fe881b75207a87627e06df6d564b51e00ff7f853cd8bc6c6db9c764 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a0be29f5fe881b75207a87627e06df6d564b51e00ff7f853cd8bc6c6db9c764
Size

74KB
Sample

240606-tzfm5shf34
MD5

4d26a1c50caf3a0e102de29093b2f333
SHA1

878af4005b8ad5e2f1a498435623ae95421b7a85
SHA256

6a0be29f5fe881b75207a87627e06df6d564b51e00ff7f853cd8bc6c6db9c764
SHA512

11b992fdcc4c9d7c76acacfa5ae33a3e7c3b3e18debd0df9f216893fd13fcfa757b25d0986b0361955cc3437248e37e192a781b893277e20fd63cb2bfa5f9404
SSDEEP

768:agO5xRYi+SfSWHHNvvG5bnl/NqNwsKVDstHxYD0p1aXKynF0vQmYZS0HdJnfWOL3:RshfSWHHNvoLqNwDDGw02eQmh0HjWOL3

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  6a0be29f5fe881b75207a87627e06df6d564b51e00ff7f853cd8bc6c6db9c764
- Size
  
  74KB
- MD5
  
  4d26a1c50caf3a0e102de29093b2f333
- SHA1
  
  878af4005b8ad5e2f1a498435623ae95421b7a85
- SHA256
  
  6a0be29f5fe881b75207a87627e06df6d564b51e00ff7f853cd8bc6c6db9c764
- SHA512
  
  11b992fdcc4c9d7c76acacfa5ae33a3e7c3b3e18debd0df9f216893fd13fcfa757b25d0986b0361955cc3437248e37e192a781b893277e20fd63cb2bfa5f9404
- SSDEEP
  
  768:agO5xRYi+SfSWHHNvvG5bnl/NqNwsKVDstHxYD0p1aXKynF0vQmYZS0HdJnfWOL3:RshfSWHHNvoLqNwDDGw02eQmh0HjWOL3
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2