e1fc0afa1237060ad1d91c1fbf66a0d6045996ea185ff4768796a7a3aa1cb713 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c85a62aeff4db7c8d3f0e2b9df4b9c4cb6d6dc61c43ecb30ad28738b7d7d1268.exe.zip
Size

446KB
Sample

231031-rmeh7sbh97
MD5

d50b9742ac24cf737ff67f0985f4bfa1
SHA1

f75e68651ee2cd8bf217cd258016394c7c64b21d
SHA256

e1fc0afa1237060ad1d91c1fbf66a0d6045996ea185ff4768796a7a3aa1cb713
SHA512

2c8bc5c9372dc309cf4c7640385f9c8e5feefa7b91a8a5b730261d71ecbd357e9aa5db73c9af6ecee6e2daf3e8e9255bac2df8e8fde58f50c6d74b016c1c0e49
SSDEEP

6144:4SuxHZ4zV4ejl6kjcXISkVBo9LGsIQk4sC/OZbHb6dOmVG/HiZtFPPtn8m+VvP:2x+z5skg9ko9g8BOZTb6CiFB8m+V

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  c85a62aeff4db7c8d3f0e2b9df4b9c4cb6d6dc61c43ecb30ad28738b7d7d1268.exe
- Size
  
  479KB
- MD5
  
  b9b7ea3defd41af00931ffc2ba2615d8
- SHA1
  
  ad36ee057c82de6c7ae02582911f288b3c54ccca
- SHA256
  
  c85a62aeff4db7c8d3f0e2b9df4b9c4cb6d6dc61c43ecb30ad28738b7d7d1268
- SHA512
  
  d1a89fb9c40808fb411908381589e10d5629268a5173ec8f270145d27d4c610cdcb8f896cc0121f797d9a5d44a00236c22acb6a2f05f786f5a548ff33d3f068f
- SSDEEP
  
  12288:saKWJbOe9MGYmEhufFCwTmsyDrIjCnckk:fKWJylmEhuZTvy3nckk
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2