c4512e17b0c5485e49f64e08d35c47a4e2be181e94c4b96d0120e66b012cd71d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c4512e17b0c5485e49f64e08d35c47a4e2be181e94c4b96d0120e66b012cd71dN
Size

63KB
Sample

241004-brvszswhpq
MD5

6c35f54a3d16ece956319e4dc820ef50
SHA1

340aa02f11f77fdbd3b76f327435e54fb6389e8f
SHA256

c4512e17b0c5485e49f64e08d35c47a4e2be181e94c4b96d0120e66b012cd71d
SHA512

6d7e258c64cf108a4b7b0a03bdc35efbe876bec81905064477509db5e34c40c2e68ed1f9d7ff267a961e7b0cb0c14ac7f9f4fc05a12d3deacea9f89575498b26
SSDEEP

1536:NAo0Tj2d6rnJwwvl4ulkP6vghzwYu7vih9GueIh9j2IoHAjU+Eh6IbIKv8H8hpQv:NAoglOwvl4ulkP6vghzwYu7vih9GueI1

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  c4512e17b0c5485e49f64e08d35c47a4e2be181e94c4b96d0120e66b012cd71dN
- Size
  
  63KB
- MD5
  
  6c35f54a3d16ece956319e4dc820ef50
- SHA1
  
  340aa02f11f77fdbd3b76f327435e54fb6389e8f
- SHA256
  
  c4512e17b0c5485e49f64e08d35c47a4e2be181e94c4b96d0120e66b012cd71d
- SHA512
  
  6d7e258c64cf108a4b7b0a03bdc35efbe876bec81905064477509db5e34c40c2e68ed1f9d7ff267a961e7b0cb0c14ac7f9f4fc05a12d3deacea9f89575498b26
- SSDEEP
  
  1536:NAo0Tj2d6rnJwwvl4ulkP6vghzwYu7vih9GueIh9j2IoHAjU+Eh6IbIKv8H8hpQv:NAoglOwvl4ulkP6vghzwYu7vih9GueI1
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence