04791786e50085ca188baf11b95a94e9894edb71c3cdcabf3d2040fc023ebcc5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

214aa1c1688e1f2ace526c49509053b0.bin
Size

224KB
Sample

231118-bq9whsgd98
MD5

214aa1c1688e1f2ace526c49509053b0
SHA1

a815037bdce567633dd6928d074c912653a7d514
SHA256

04791786e50085ca188baf11b95a94e9894edb71c3cdcabf3d2040fc023ebcc5
SHA512

6fe472cd57e9daf972d7f56cf6f245d5c866e786e88e9dc64028b317130c14156212862608714bad4f4ae36031690acdc8a0a141b28081b18bfb8b282590870a
SSDEEP

6144:kJ25urvVAbU0LG72G+gvvQF12/QRaFWtQrBIu6/gvvQF12/:k1vViU0LG72Iv21LsFWtQtI8v21

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  214aa1c1688e1f2ace526c49509053b0.bin
- Size
  
  224KB
- MD5
  
  214aa1c1688e1f2ace526c49509053b0
- SHA1
  
  a815037bdce567633dd6928d074c912653a7d514
- SHA256
  
  04791786e50085ca188baf11b95a94e9894edb71c3cdcabf3d2040fc023ebcc5
- SHA512
  
  6fe472cd57e9daf972d7f56cf6f245d5c866e786e88e9dc64028b317130c14156212862608714bad4f4ae36031690acdc8a0a141b28081b18bfb8b282590870a
- SSDEEP
  
  6144:kJ25urvVAbU0LG72G+gvvQF12/QRaFWtQrBIu6/gvvQF12/:k1vViU0LG72Iv21LsFWtQtI8v21
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2