04d2577f9d51ec5da484ad12a7276d7e65d8ff9702e103973e8b3189ae089d59 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4592e5bb96d02d06c49e31db6f2ccb0_exe32.exe
Size

144KB
Sample

231015-yhlv2sfd6v
MD5

d4592e5bb96d02d06c49e31db6f2ccb0
SHA1

ee703ccf3586100d48b55d6b30a17bc3cf6287d3
SHA256

04d2577f9d51ec5da484ad12a7276d7e65d8ff9702e103973e8b3189ae089d59
SHA512

5e9388a7a018ce012fc1a416b03bc9d9904044ac13136c2b5d9bcf8f2b4a8a1f4702645dc6cfcc2827a7f058ea20f5afe50e54e526b5d31490514234fd6a953e
SSDEEP

3072:9W7vwFRtp9PZgeUaYDgR4zdH13+EE+RaZ6r+GDZnBcVU:0zwFLZgPa+gR4zd5IF6rfBBcVU

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  d4592e5bb96d02d06c49e31db6f2ccb0_exe32.exe
- Size
  
  144KB
- MD5
  
  d4592e5bb96d02d06c49e31db6f2ccb0
- SHA1
  
  ee703ccf3586100d48b55d6b30a17bc3cf6287d3
- SHA256
  
  04d2577f9d51ec5da484ad12a7276d7e65d8ff9702e103973e8b3189ae089d59
- SHA512
  
  5e9388a7a018ce012fc1a416b03bc9d9904044ac13136c2b5d9bcf8f2b4a8a1f4702645dc6cfcc2827a7f058ea20f5afe50e54e526b5d31490514234fd6a953e
- SSDEEP
  
  3072:9W7vwFRtp9PZgeUaYDgR4zdH13+EE+RaZ6r+GDZnBcVU:0zwFLZgPa+gR4zd5IF6rfBBcVU
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2