ec879d5683c1ab7c3a382cdc2ded69718a293fb673674e18229358a31f970640 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ec879d5683c1ab7c3a382cdc2ded69718a293fb673674e18229358a31f970640
Size

60KB
Sample

240914-c89txateqb
MD5

4113fade3d2e3a7cb4fd9ab8f3079c8b
SHA1

35d13be358add2dd6fbf1ae2d107888a1e643f4f
SHA256

ec879d5683c1ab7c3a382cdc2ded69718a293fb673674e18229358a31f970640
SHA512

92d3f8e2a515446f763b12bce7d39ce6cd64bbc09d53b9852409493f3382f7743d2c6fad358a7a71966a7a547635cd3853f73e3498df0f793ddb2a59047d9e27
SSDEEP

192:vbOzawOs81elJHsc45CcRZOgtShcWaOT2QLrCqwpfY04/CFxyNhoy5t:vbLwOs8AHsc4sMfwhKQLroz4/CFsrd

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  ec879d5683c1ab7c3a382cdc2ded69718a293fb673674e18229358a31f970640
- Size
  
  60KB
- MD5
  
  4113fade3d2e3a7cb4fd9ab8f3079c8b
- SHA1
  
  35d13be358add2dd6fbf1ae2d107888a1e643f4f
- SHA256
  
  ec879d5683c1ab7c3a382cdc2ded69718a293fb673674e18229358a31f970640
- SHA512
  
  92d3f8e2a515446f763b12bce7d39ce6cd64bbc09d53b9852409493f3382f7743d2c6fad358a7a71966a7a547635cd3853f73e3498df0f793ddb2a59047d9e27
- SSDEEP
  
  192:vbOzawOs81elJHsc45CcRZOgtShcWaOT2QLrCqwpfY04/CFxyNhoy5t:vbLwOs8AHsc4sMfwhKQLroz4/CFsrd
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence