a25ad4c0e6622986b7b25e85ee0f89c32457703ae67398df440200649fcf25e4 | Triage

Sharing

General

Target

Windows7-Windows10_2.0.2.exe
Size

4.6MB
Sample

230828-1tz8xsgc28
MD5

c0023b71f42e0703cedfee3a1b18e308
SHA1

b96c96227e25b373e3bfcd7503a26e4015cb3a79
SHA256

a25ad4c0e6622986b7b25e85ee0f89c32457703ae67398df440200649fcf25e4
SHA512

a613953983dd43a0490cbb6733b57d713c1bca0cce342a8bbca498c30008ebe58ff3268111eeb49f14f9db9f2fce7228029c63c9c92b50f888f8d8324678db31
SSDEEP

98304:n5il9zT8snnr1EFBvPmLpQS9GqWZaZ7dBw2Jg5fxdwBKw:a90ynBEzCQ8GqNldBw2Afpw

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  Windows7-Windows10_2.0.2.exe
- Size
  
  4.6MB
- MD5
  
  c0023b71f42e0703cedfee3a1b18e308
- SHA1
  
  b96c96227e25b373e3bfcd7503a26e4015cb3a79
- SHA256
  
  a25ad4c0e6622986b7b25e85ee0f89c32457703ae67398df440200649fcf25e4
- SHA512
  
  a613953983dd43a0490cbb6733b57d713c1bca0cce342a8bbca498c30008ebe58ff3268111eeb49f14f9db9f2fce7228029c63c9c92b50f888f8d8324678db31
- SSDEEP
  
  98304:n5il9zT8snnr1EFBvPmLpQS9GqWZaZ7dBw2Jg5fxdwBKw:a90ynBEzCQ8GqNldBw2Afpw
Score

8^/10

persistence
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2