a41a96cf44fb1c3c267b02aba16976d0d68f2d9e7fba9c79c914566c42f2e157 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a41a96cf44fb1c3c267b02aba16976d0d68f2d9e7fba9c79c914566c42f2e157N
Size

665KB
Sample

241001-dxaq4sscpg
MD5

6915f07d58a2c45a104281e79912d960
SHA1

51d7377ef2ed280dd21dc0e066bb09fa585abaf1
SHA256

a41a96cf44fb1c3c267b02aba16976d0d68f2d9e7fba9c79c914566c42f2e157
SHA512

9c2180da35b65edd4d08d3216f8910f2f3321dcc6f89b4e957de3f8af1d6fa72ea57816284c74e85a9969e0dbf528d77030aa14a58c502dd5a69cd6a58b40c75
SSDEEP

12288:w0qGhRM8WivVK9czgtDhqdwnEKuwSYVJUnHo+q1:TqyRMmKCkt4dyEKjVcI+q1

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  a41a96cf44fb1c3c267b02aba16976d0d68f2d9e7fba9c79c914566c42f2e157N
- Size
  
  665KB
- MD5
  
  6915f07d58a2c45a104281e79912d960
- SHA1
  
  51d7377ef2ed280dd21dc0e066bb09fa585abaf1
- SHA256
  
  a41a96cf44fb1c3c267b02aba16976d0d68f2d9e7fba9c79c914566c42f2e157
- SHA512
  
  9c2180da35b65edd4d08d3216f8910f2f3321dcc6f89b4e957de3f8af1d6fa72ea57816284c74e85a9969e0dbf528d77030aa14a58c502dd5a69cd6a58b40c75
- SSDEEP
  
  12288:w0qGhRM8WivVK9czgtDhqdwnEKuwSYVJUnHo+q1:TqyRMmKCkt4dyEKjVcI+q1
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2