df00d20fc80e9deaf65fb7a52c2254d5dc1438ad2cd4c6340f95dab6059ce703 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df00d20fc80e9deaf65fb7a52c2254d5dc1438ad2cd4c6340f95dab6059ce703N
Size

63KB
Sample

240927-cffelasdpc
MD5

e91eabdc8dbb93762cd5e2a84dc63be0
SHA1

704f2a36244199102525695d8606d44366b436a4
SHA256

df00d20fc80e9deaf65fb7a52c2254d5dc1438ad2cd4c6340f95dab6059ce703
SHA512

a5a8cdd244c89a77224fa1738ab5cc87217507458008716d916c51266b862c7d4b1c041ee00e2035007730dfc6d753cf804284aff56e68c234f3de4d5188e375
SSDEEP

1536:NAo0Tj2d6rnJwwvl4ulkP6vghzwYu7vih9GueIh9j2IoHAjUvJQ/johleHhvGh4O:NAoglOwvl4ulkP6vghzwYu7vih9GueIO

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  df00d20fc80e9deaf65fb7a52c2254d5dc1438ad2cd4c6340f95dab6059ce703N
- Size
  
  63KB
- MD5
  
  e91eabdc8dbb93762cd5e2a84dc63be0
- SHA1
  
  704f2a36244199102525695d8606d44366b436a4
- SHA256
  
  df00d20fc80e9deaf65fb7a52c2254d5dc1438ad2cd4c6340f95dab6059ce703
- SHA512
  
  a5a8cdd244c89a77224fa1738ab5cc87217507458008716d916c51266b862c7d4b1c041ee00e2035007730dfc6d753cf804284aff56e68c234f3de4d5188e375
- SSDEEP
  
  1536:NAo0Tj2d6rnJwwvl4ulkP6vghzwYu7vih9GueIh9j2IoHAjUvJQ/johleHhvGh4O:NAoglOwvl4ulkP6vghzwYu7vih9GueIO
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence