cf6ee78a7258fb1fd880fb4c553737bb9234e0a40e70d911465d474204b465c7 | Triage

Sharing

General

Target

cf6ee78a7258fb1fd880fb4c553737bb9234e0a40e70d911465d474204b465c7N
Size

1.0MB
Sample

241001-ne6e6s1amc
MD5

fcfec77800027905c219d0c6c588a970
SHA1

e9a550dacad8610ff2efdc7503eea9ff99c5bc9d
SHA256

cf6ee78a7258fb1fd880fb4c553737bb9234e0a40e70d911465d474204b465c7
SHA512

a13519fd843f165f3384802b149e836fa1409825da1348948417cf974dbc99759dc7c7704af42bd4f1d28c6aafd51f94ecab1b590d7d1d8eeeb76deae43459ef
SSDEEP

12288:iz+oEjjN7T7NluVopVhe1FGTNzsolLqt4fog2pxrKMg9Jy/h:WqjNPu+pVhe+T5sod9foNP1X

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  cf6ee78a7258fb1fd880fb4c553737bb9234e0a40e70d911465d474204b465c7N
- Size
  
  1.0MB
- MD5
  
  fcfec77800027905c219d0c6c588a970
- SHA1
  
  e9a550dacad8610ff2efdc7503eea9ff99c5bc9d
- SHA256
  
  cf6ee78a7258fb1fd880fb4c553737bb9234e0a40e70d911465d474204b465c7
- SHA512
  
  a13519fd843f165f3384802b149e836fa1409825da1348948417cf974dbc99759dc7c7704af42bd4f1d28c6aafd51f94ecab1b590d7d1d8eeeb76deae43459ef
- SSDEEP
  
  12288:iz+oEjjN7T7NluVopVhe1FGTNzsolLqt4fog2pxrKMg9Jy/h:WqjNPu+pVhe+T5sod9foNP1X
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence