c9c1c9d8c5c465c59ce50607411a883c3a887083076e901d5e0459cace755732 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c9c1c9d8c5c465c59ce50607411a883c3a887083076e901d5e0459cace755732
Size

176KB
Sample

240909-c78v8axfqq
MD5

52686d1c3b446c9197009865851089ee
SHA1

2d16c723401d6f0544b71e19c300a5a8400725d4
SHA256

c9c1c9d8c5c465c59ce50607411a883c3a887083076e901d5e0459cace755732
SHA512

a64a6f9a9aff6fef72998f0cac373efa8fd3c6f5c3a579b2b5279b1d572497989f7fdff5f14b97ceaaf153451b1db4a4bdc30a6aa98203886f07ed6c61b02aa9
SSDEEP

3072:c9E4Wgbr57BVFqmx1E9Hqmz674Qbf6xET/nhqCoNWDY1TuDBujfgY1LRQBAhHuYK:O0MJBVlx+Vf274Q2xqhxoNH1Ti5YtuY

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  c9c1c9d8c5c465c59ce50607411a883c3a887083076e901d5e0459cace755732
- Size
  
  176KB
- MD5
  
  52686d1c3b446c9197009865851089ee
- SHA1
  
  2d16c723401d6f0544b71e19c300a5a8400725d4
- SHA256
  
  c9c1c9d8c5c465c59ce50607411a883c3a887083076e901d5e0459cace755732
- SHA512
  
  a64a6f9a9aff6fef72998f0cac373efa8fd3c6f5c3a579b2b5279b1d572497989f7fdff5f14b97ceaaf153451b1db4a4bdc30a6aa98203886f07ed6c61b02aa9
- SSDEEP
  
  3072:c9E4Wgbr57BVFqmx1E9Hqmz674Qbf6xET/nhqCoNWDY1TuDBujfgY1LRQBAhHuYK:O0MJBVlx+Vf274Q2xqhxoNH1Ti5YtuY
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence