e4be467f7ead8e346239df7ec1745f7904a4f3918eaedafbbb0280c3f8bea105 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e4be467f7ead8e346239df7ec1745f7904a4f3918eaedafbbb0280c3f8bea105
Size

77KB
Sample

230921-fd5hgsdc5y
MD5

9b0a9937fec1d7018a457b32a3c38dbf
SHA1

846684d12de79125108337611fa4622a4cd040dc
SHA256

e4be467f7ead8e346239df7ec1745f7904a4f3918eaedafbbb0280c3f8bea105
SHA512

4e400a7f562d15479e8b472bc8361fda242697e096b1d5dbfa8a368bb458e296e96c705e91859f669677dcb71db3231ab2d4f676b85506d42c2cb2ae6abe8c49
SSDEEP

1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOZKhm:GhfxHNIreQm+HieKhm

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  e4be467f7ead8e346239df7ec1745f7904a4f3918eaedafbbb0280c3f8bea105
- Size
  
  77KB
- MD5
  
  9b0a9937fec1d7018a457b32a3c38dbf
- SHA1
  
  846684d12de79125108337611fa4622a4cd040dc
- SHA256
  
  e4be467f7ead8e346239df7ec1745f7904a4f3918eaedafbbb0280c3f8bea105
- SHA512
  
  4e400a7f562d15479e8b472bc8361fda242697e096b1d5dbfa8a368bb458e296e96c705e91859f669677dcb71db3231ab2d4f676b85506d42c2cb2ae6abe8c49
- SSDEEP
  
  1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOZKhm:GhfxHNIreQm+HieKhm
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2