c64295a25af24859892edd27c32c0ee72490a83fe9db4dcf024c5a855bc127c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c64295a25af24859892edd27c32c0ee72490a83fe9db4dcf024c5a855bc127c5
Size

83KB
Sample

240819-jeha5avdnk
MD5

6475cca91da328063c15fc675f5b20fc
SHA1

8937aedab2a38ebd7df85cdd46c971ae0c9a72ab
SHA256

c64295a25af24859892edd27c32c0ee72490a83fe9db4dcf024c5a855bc127c5
SHA512

dc3ca72d6f96e5a1ec6c8de9f6d5d3366ce57bf7b1ec814a404721eb539e42dbe6fe22aec60f924145d5a95d80a7da2ef635869a8a2adf611f2411adb6cc5c98
SSDEEP

1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOVrcvj:GhfxHNIreQm+HiQrcvj

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  c64295a25af24859892edd27c32c0ee72490a83fe9db4dcf024c5a855bc127c5
- Size
  
  83KB
- MD5
  
  6475cca91da328063c15fc675f5b20fc
- SHA1
  
  8937aedab2a38ebd7df85cdd46c971ae0c9a72ab
- SHA256
  
  c64295a25af24859892edd27c32c0ee72490a83fe9db4dcf024c5a855bc127c5
- SHA512
  
  dc3ca72d6f96e5a1ec6c8de9f6d5d3366ce57bf7b1ec814a404721eb539e42dbe6fe22aec60f924145d5a95d80a7da2ef635869a8a2adf611f2411adb6cc5c98
- SSDEEP
  
  1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOVrcvj:GhfxHNIreQm+HiQrcvj
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence