db5a6542fea11f3cad83a6e7219d0cc715d7d9185d77a72de5ec230effb8366a | Triage

Sharing

General

Target

db5a6542fea11f3cad83a6e7219d0cc715d7d9185d77a72de5ec230effb8366a
Size

84KB
Sample

230919-pelansah77
MD5

81f240d66929ab2a29ead2549eef44b3
SHA1

c0880684d990c92aa391b23cb37c444aa8ff8084
SHA256

db5a6542fea11f3cad83a6e7219d0cc715d7d9185d77a72de5ec230effb8366a
SHA512

a8869dba57c7405578bfdc9dcbd72c253a8e26619e658ccb43e956741297ff43d1c82a23f7e338474b3827a4564506f6216df54883b2fde77365417f54c090ea
SSDEEP

1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOSNnaoao7NQ:GhfxHNIreQm+HiBNnaoao7NQ

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  db5a6542fea11f3cad83a6e7219d0cc715d7d9185d77a72de5ec230effb8366a
- Size
  
  84KB
- MD5
  
  81f240d66929ab2a29ead2549eef44b3
- SHA1
  
  c0880684d990c92aa391b23cb37c444aa8ff8084
- SHA256
  
  db5a6542fea11f3cad83a6e7219d0cc715d7d9185d77a72de5ec230effb8366a
- SHA512
  
  a8869dba57c7405578bfdc9dcbd72c253a8e26619e658ccb43e956741297ff43d1c82a23f7e338474b3827a4564506f6216df54883b2fde77365417f54c090ea
- SSDEEP
  
  1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOSNnaoao7NQ:GhfxHNIreQm+HiBNnaoao7NQ
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2