d49ae60e44bafb4b01d48265ca5d15d7e914f84f2e77a1ec59ed5e842bd96fb4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d49ae60e44bafb4b01d48265ca5d15d7e914f84f2e77a1ec59ed5e842bd96fb4
Size

86KB
Sample

230901-2bc64sae35
MD5

e1df35f756fc869b52188b4af37c9a06
SHA1

d36f089db3504fdd1594ea5e351ef3f796f82893
SHA256

d49ae60e44bafb4b01d48265ca5d15d7e914f84f2e77a1ec59ed5e842bd96fb4
SHA512

efbc71498fcdf92f93747464648b40ce9b6a703cda1371a3abdcd38f38176a8e2ed10e4156884a9e0c3d0cb340363de2c78ec31a5b9d757ec87c8c02d026b1c4
SSDEEP

1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOQWh4/Dk6q9auC:GhfxHNIreQm+Hi/Wh4/Dk6q9auC

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  d49ae60e44bafb4b01d48265ca5d15d7e914f84f2e77a1ec59ed5e842bd96fb4
- Size
  
  86KB
- MD5
  
  e1df35f756fc869b52188b4af37c9a06
- SHA1
  
  d36f089db3504fdd1594ea5e351ef3f796f82893
- SHA256
  
  d49ae60e44bafb4b01d48265ca5d15d7e914f84f2e77a1ec59ed5e842bd96fb4
- SHA512
  
  efbc71498fcdf92f93747464648b40ce9b6a703cda1371a3abdcd38f38176a8e2ed10e4156884a9e0c3d0cb340363de2c78ec31a5b9d757ec87c8c02d026b1c4
- SSDEEP
  
  1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOQWh4/Dk6q9auC:GhfxHNIreQm+Hi/Wh4/Dk6q9auC
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2