c130bf2b4912c8dc255d5322a02aa273a61992eb1ea51e43bbc0c04215eb6ee7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c130bf2b4912c8dc255d5322a02aa273a61992eb1ea51e43bbc0c04215eb6ee7N
Size

67KB
Sample

241012-zw91gavhpl
MD5

8a8c5bd2902e61d1f00d3e52dbccd9b0
SHA1

ea8ab2e6c67a4c41635c98d21b0f535f626a2462
SHA256

c130bf2b4912c8dc255d5322a02aa273a61992eb1ea51e43bbc0c04215eb6ee7
SHA512

99d2d4044df316a7c77ad70eeaae9a54afd0fc0861a988581117f046a2d8c5db49ac3b7b589cfc5ecfc050334cb755bde7e477a19396fb6bd804c0d75994c5e3
SSDEEP

1536:lAo0ej2d6rnJwwvlKlIUBP6vghzwYu7vih9GueIh9j2IoHAjUvJjWH0HNh3hOh6Q:lAo1lOwvlKlXBP6vghzwYu7vih9GueIp

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  c130bf2b4912c8dc255d5322a02aa273a61992eb1ea51e43bbc0c04215eb6ee7N
- Size
  
  67KB
- MD5
  
  8a8c5bd2902e61d1f00d3e52dbccd9b0
- SHA1
  
  ea8ab2e6c67a4c41635c98d21b0f535f626a2462
- SHA256
  
  c130bf2b4912c8dc255d5322a02aa273a61992eb1ea51e43bbc0c04215eb6ee7
- SHA512
  
  99d2d4044df316a7c77ad70eeaae9a54afd0fc0861a988581117f046a2d8c5db49ac3b7b589cfc5ecfc050334cb755bde7e477a19396fb6bd804c0d75994c5e3
- SSDEEP
  
  1536:lAo0ej2d6rnJwwvlKlIUBP6vghzwYu7vih9GueIh9j2IoHAjUvJjWH0HNh3hOh6Q:lAo1lOwvlKlXBP6vghzwYu7vih9GueIp
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence