8f0c0e6248c3bfab9334957a6df331ff44f1bc3661b5d39aa08a0e5c33778280 | Triage

Sharing

General

Target

b881e72574df3f309bdb1946e5db25c0_exe32.exe
Size

125KB
Sample

231015-yfnxmaga32
MD5

b881e72574df3f309bdb1946e5db25c0
SHA1

d2f969c08f1b244cccf0871083b765b244445e0b
SHA256

8f0c0e6248c3bfab9334957a6df331ff44f1bc3661b5d39aa08a0e5c33778280
SHA512

4c592e56d61e97a4bd4185bc2d4499025e22116d1dfd6ba1586838bc57db35c039a5577499e61df0c980cc0c88240e38060df69dcbfdb15a4fd140affa79fb64
SSDEEP

3072:vtvTIDlYFIXBSUgPnwtvcZ1WdTCn93OGey/ZhJakrPF:9IGIX02ciTCndOGeKTaG

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  b881e72574df3f309bdb1946e5db25c0_exe32.exe
- Size
  
  125KB
- MD5
  
  b881e72574df3f309bdb1946e5db25c0
- SHA1
  
  d2f969c08f1b244cccf0871083b765b244445e0b
- SHA256
  
  8f0c0e6248c3bfab9334957a6df331ff44f1bc3661b5d39aa08a0e5c33778280
- SHA512
  
  4c592e56d61e97a4bd4185bc2d4499025e22116d1dfd6ba1586838bc57db35c039a5577499e61df0c980cc0c88240e38060df69dcbfdb15a4fd140affa79fb64
- SSDEEP
  
  3072:vtvTIDlYFIXBSUgPnwtvcZ1WdTCn93OGey/ZhJakrPF:9IGIX02ciTCndOGeKTaG
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2