ac8f18a6311375f33748c435ddd77051d7a5f207fd0832415fe2684375e317a5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Teams_windows_x64_s_8D81D942A50991F-7-0_.exe
Size

93.7MB
Sample

200707-pmmn9adh3n
MD5

dd8216c8debaf1a9bfe3a96d450158d4
SHA1

0315df25ffe96681cf594a6a358d28e9610640b5
SHA256

ac8f18a6311375f33748c435ddd77051d7a5f207fd0832415fe2684375e317a5
SHA512

857803a93627bed65ea8335ea426288c4408930423531957d5b3d68815339f1673da1d39d5f8278f701763aaab6355aebf3441604ad761614be7c6bb36077b6b

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  Teams_windows_x64_s_8D81D942A50991F-7-0_.exe
- Size
  
  93.7MB
- MD5
  
  dd8216c8debaf1a9bfe3a96d450158d4
- SHA1
  
  0315df25ffe96681cf594a6a358d28e9610640b5
- SHA256
  
  ac8f18a6311375f33748c435ddd77051d7a5f207fd0832415fe2684375e317a5
- SHA512
  
  857803a93627bed65ea8335ea426288c4408930423531957d5b3d68815339f1673da1d39d5f8278f701763aaab6355aebf3441604ad761614be7c6bb36077b6b
Score

8^/10

persistence discovery
- Executes dropped EXE
- Registers COM server for autorun
  persistence
- Loads dropped DLL
- Adds Run entry to start application
  persistence
- Checks for installed software on the system
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencediscovery

behavioral2