6945cfed3a33fa38bbe1edcc894d1221c7554948d80682bcac233c28aaf5a2dc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6945cfed3a33fa38bbe1edcc894d1221c7554948d80682bcac233c28aaf5a2dcN
Size

57KB
Sample

240928-ran7wayhmm
MD5

52107236a1f6ed0bf40067494effb510
SHA1

e61bb99c5275f9bcfe3b92d6c4a013ac95a4fb1a
SHA256

6945cfed3a33fa38bbe1edcc894d1221c7554948d80682bcac233c28aaf5a2dc
SHA512

0c96d55ee56081f25e92a9c695f55b9ab24166259c96542b4a11fe97e25afe259f34f4d091f3e1c99d9680835a98ba9086b473efec0391144aa3b8f0c674f266
SSDEEP

1536:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYVFl2g5u58dO0xXHQEyYfdhNhFO5h3xhI:+MA6C1VqaqhtgVRNToV7TtRu8rM0wYV+

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  6945cfed3a33fa38bbe1edcc894d1221c7554948d80682bcac233c28aaf5a2dcN
- Size
  
  57KB
- MD5
  
  52107236a1f6ed0bf40067494effb510
- SHA1
  
  e61bb99c5275f9bcfe3b92d6c4a013ac95a4fb1a
- SHA256
  
  6945cfed3a33fa38bbe1edcc894d1221c7554948d80682bcac233c28aaf5a2dc
- SHA512
  
  0c96d55ee56081f25e92a9c695f55b9ab24166259c96542b4a11fe97e25afe259f34f4d091f3e1c99d9680835a98ba9086b473efec0391144aa3b8f0c674f266
- SSDEEP
  
  1536:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYVFl2g5u58dO0xXHQEyYfdhNhFO5h3xhI:+MA6C1VqaqhtgVRNToV7TtRu8rM0wYV+
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence