07a33cf6926b62bf66bcaed91712218c9d81bfd10bf41d005b7d55310f3b352e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ed79c8f65b02ed83d5db8c355328294a73dc447f08f657312bf8f3a5b40c7494.exe.zip
Size

258KB
Sample

231031-ravpnaha7w
MD5

efe3b0e49a63629fa94e2b22a947231e
SHA1

d28f1d263d8af182c2b417ad77b2dcb24ba21852
SHA256

07a33cf6926b62bf66bcaed91712218c9d81bfd10bf41d005b7d55310f3b352e
SHA512

8ad95ab7ac32be5c97b222066fc647e329efd0ebce338e6428f99d4c8a3c2684a6e47f5f52470a5d45c74002238d1cdcb2b38748b9554a0e36df3255c7f68256
SSDEEP

6144:3mVMN6SYPOTfcSHdgCsOUHjjOh5T+LQDiYzbLr:3G/ucS9glOyOhR+wiCj

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  ed79c8f65b02ed83d5db8c355328294a73dc447f08f657312bf8f3a5b40c7494.exe
- Size
  
  292KB
- MD5
  
  56d52c503adf02184f19eee4767ef60a
- SHA1
  
  ca133f67a286f4f20282e19837b53b38a27a1caa
- SHA256
  
  ed79c8f65b02ed83d5db8c355328294a73dc447f08f657312bf8f3a5b40c7494
- SHA512
  
  246f35664a9af548d402878a3e6ce6d8901a0978477b145db5fd4e5857021efc4016369e9e02e709a27cf5c84f44a32e106008668ba96e2b45d4d06599090d8f
- SSDEEP
  
  6144:lWK8x2ZFD7h/uMdnv0iyLI6utiI1ARjhaXcoUvedlVFdo:22ZFD77dnBhi3Us8/VFdo
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2