ccad902846525b35ed216c7fa4436b0211b16acc1a20db619547982a381b1f9e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2d101a439a937933cba573a00756b20N
Size

148KB
Sample

240909-y1evfszdjg
MD5

d2d101a439a937933cba573a00756b20
SHA1

e8cd4d330d527574f93dae732773232d317e27da
SHA256

ccad902846525b35ed216c7fa4436b0211b16acc1a20db619547982a381b1f9e
SHA512

baf8966e0cd90031a3bda09756443669b587280dc17ac87fd6e4253039402b64cff9bcac506a5eaa17a247e09b65db15bb50d42e1a14e6d82ce17320da4f5274
SSDEEP

3072:tTcDhuBRZb5qyxDVpJT2VZftXZAr1cDj:SluBvbrDNuZftXZeODj

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  d2d101a439a937933cba573a00756b20N
- Size
  
  148KB
- MD5
  
  d2d101a439a937933cba573a00756b20
- SHA1
  
  e8cd4d330d527574f93dae732773232d317e27da
- SHA256
  
  ccad902846525b35ed216c7fa4436b0211b16acc1a20db619547982a381b1f9e
- SHA512
  
  baf8966e0cd90031a3bda09756443669b587280dc17ac87fd6e4253039402b64cff9bcac506a5eaa17a247e09b65db15bb50d42e1a14e6d82ce17320da4f5274
- SSDEEP
  
  3072:tTcDhuBRZb5qyxDVpJT2VZftXZAr1cDj:SluBvbrDNuZftXZeODj
Score

8^/10

discovery persistence
- Blocklisted process makes network request
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2