168d73e054a5538d24ca5f239be91a488244b190b5bcf7609aca84d94b41b295 | Triage

Sharing

General

Target

168d73e054a5538d24ca5f239be91a488244b190b5bcf7609aca84d94b41b295N
Size

468KB
Sample

240927-nktzbssfqc
MD5

fdc2ff850b1f830d075527632fb29ee0
SHA1

b271049a4303a300d742bbf6d1fcd2d5331f4afb
SHA256

168d73e054a5538d24ca5f239be91a488244b190b5bcf7609aca84d94b41b295
SHA512

89cc9b1472e5b77cdb19a8ed907d40a812d4be112a4e3a3648f761d021274297e3f79b8feb603b4745dbac2262fbc589837234c5367e3ecf3f2fb233474db977
SSDEEP

3072:OzoHogIKI05QtbYJHzcOcfr/GChzP0p9nLHeaVMS5WpLQCDg/Olp:OzIoD8QtOH4OcfxYQa5WlTDg/

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  168d73e054a5538d24ca5f239be91a488244b190b5bcf7609aca84d94b41b295N
- Size
  
  468KB
- MD5
  
  fdc2ff850b1f830d075527632fb29ee0
- SHA1
  
  b271049a4303a300d742bbf6d1fcd2d5331f4afb
- SHA256
  
  168d73e054a5538d24ca5f239be91a488244b190b5bcf7609aca84d94b41b295
- SHA512
  
  89cc9b1472e5b77cdb19a8ed907d40a812d4be112a4e3a3648f761d021274297e3f79b8feb603b4745dbac2262fbc589837234c5367e3ecf3f2fb233474db977
- SSDEEP
  
  3072:OzoHogIKI05QtbYJHzcOcfr/GChzP0p9nLHeaVMS5WpLQCDg/Olp:OzIoD8QtOH4OcfxYQa5WlTDg/
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence