ba7cd0cf3b588c408abf3259a318e2a6094438ecb6f9063b8d41e05b0e0069fe | Triage

Sharing

General

Target

ba7cd0cf3b588c408abf3259a318e2a6094438ecb6f9063b8d41e05b0e0069feN
Size

12KB
Sample

240919-gqmzmsvalm
MD5

803157ab3b91855f750141c26f831b20
SHA1

7db52bfb9cc76a429318be112c665f860c08a7e2
SHA256

ba7cd0cf3b588c408abf3259a318e2a6094438ecb6f9063b8d41e05b0e0069fe
SHA512

6d95aebd7344b5a0a369cfa9c06a03fcb245def4298d11dd2b48000be14e23832e0830d8a9498801646fcee3da0c0c0ba8c9c31a7841f98e7dd7ba0a350f4e35
SSDEEP

192:AMHk6FtYS7qyGZ0CKYqRgazb2PAYzNo67G:rtYS2yGAZ6PAYzNo2G

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  ba7cd0cf3b588c408abf3259a318e2a6094438ecb6f9063b8d41e05b0e0069feN
- Size
  
  12KB
- MD5
  
  803157ab3b91855f750141c26f831b20
- SHA1
  
  7db52bfb9cc76a429318be112c665f860c08a7e2
- SHA256
  
  ba7cd0cf3b588c408abf3259a318e2a6094438ecb6f9063b8d41e05b0e0069fe
- SHA512
  
  6d95aebd7344b5a0a369cfa9c06a03fcb245def4298d11dd2b48000be14e23832e0830d8a9498801646fcee3da0c0c0ba8c9c31a7841f98e7dd7ba0a350f4e35
- SSDEEP
  
  192:AMHk6FtYS7qyGZ0CKYqRgazb2PAYzNo67G:rtYS2yGAZ6PAYzNo2G
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence