a058e6f1ae42ec1e0f09c8d23f50dc87ed8898e5d5ee0d2e18031cdf59679eb6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

advancedbattoexeconverter.exe
Size

801KB
Sample

230322-zwwg3sdc8v
MD5

2d6cf8e30b05f0d70791feee8efc501c
SHA1

7e38040b498b95ad8ed60e2d7d66b3b61003275e
SHA256

a058e6f1ae42ec1e0f09c8d23f50dc87ed8898e5d5ee0d2e18031cdf59679eb6
SHA512

da6f3540f87e939e229819a344732610da57409c1985a3344a3b9fb362393cdc6082e6ac205e5227e6c1afcaa07922bc87d58fc6948c569324cbde18ff39174d
SSDEEP

24576:HxF2L4a+4LXECLp0cPydrb2gkFby3w4FZm9oC:H+Lb+MX9KEydrSlFby3wZ9oC

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  advancedbattoexeconverter.exe
- Size
  
  801KB
- MD5
  
  2d6cf8e30b05f0d70791feee8efc501c
- SHA1
  
  7e38040b498b95ad8ed60e2d7d66b3b61003275e
- SHA256
  
  a058e6f1ae42ec1e0f09c8d23f50dc87ed8898e5d5ee0d2e18031cdf59679eb6
- SHA512
  
  da6f3540f87e939e229819a344732610da57409c1985a3344a3b9fb362393cdc6082e6ac205e5227e6c1afcaa07922bc87d58fc6948c569324cbde18ff39174d
- SSDEEP
  
  24576:HxF2L4a+4LXECLp0cPydrb2gkFby3w4FZm9oC:H+Lb+MX9KEydrSlFby3wZ9oC
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence