197334ee3cb5ff66376d271741b2df0ac49d869ea45d0b2ffd5656d4683c37f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

197334ee3cb5ff66376d271741b2df0ac49d869ea45d0b2ffd5656d4683c37f7
Size

40KB
Sample

240722-xrt3catbqq
MD5

b72bf516be84310184639a57a1c61167
SHA1

7c36eb487cdbf1f873d21dac46c7961ba358027d
SHA256

197334ee3cb5ff66376d271741b2df0ac49d869ea45d0b2ffd5656d4683c37f7
SHA512

c3031417ff5641595d9a00ae2d18db46b5acbbc096c8b2b21f76b95bc9270b64c6c09dcf085aad16372e110d9803bfef58c004def034465ed9ac8e256ee8cdde
SSDEEP

768:DqPJtsA6C1VqahohtgVRNToV7TtRu8rM0wYVFl2g5coW58dO0xXHV2EfKYfdhNhB:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYh

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  197334ee3cb5ff66376d271741b2df0ac49d869ea45d0b2ffd5656d4683c37f7
- Size
  
  40KB
- MD5
  
  b72bf516be84310184639a57a1c61167
- SHA1
  
  7c36eb487cdbf1f873d21dac46c7961ba358027d
- SHA256
  
  197334ee3cb5ff66376d271741b2df0ac49d869ea45d0b2ffd5656d4683c37f7
- SHA512
  
  c3031417ff5641595d9a00ae2d18db46b5acbbc096c8b2b21f76b95bc9270b64c6c09dcf085aad16372e110d9803bfef58c004def034465ed9ac8e256ee8cdde
- SSDEEP
  
  768:DqPJtsA6C1VqahohtgVRNToV7TtRu8rM0wYVFl2g5coW58dO0xXHV2EfKYfdhNhB:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYh
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2