cf2e3de03ff038f17d9f6a8b1d8423f4ba49ee5d6e63da338e7187b4f1f52ac2 | Triage

Sharing

General

Target

bed0c1b1c8f98c519fb7179f4ddc644f.exe
Size

275KB
Sample

231126-j1tlaafg6v
MD5

bed0c1b1c8f98c519fb7179f4ddc644f
SHA1

8601f5c8ab77415a671131d5cb5b8129b92a3281
SHA256

cf2e3de03ff038f17d9f6a8b1d8423f4ba49ee5d6e63da338e7187b4f1f52ac2
SHA512

e73ff37e16fb9749ad32cd368e3e76ca8d67ffc4131f4dee7908868c4bdb50661af6500aa5f59ff19081e4ad818b57ffe0f29eff36a062391a827245f036ac43
SSDEEP

6144:ami2nknJSqPgzL2V4cpC0L4AY7YWT63cpC0L4f:zknoL2/p9i7drp9S

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  bed0c1b1c8f98c519fb7179f4ddc644f.exe
- Size
  
  275KB
- MD5
  
  bed0c1b1c8f98c519fb7179f4ddc644f
- SHA1
  
  8601f5c8ab77415a671131d5cb5b8129b92a3281
- SHA256
  
  cf2e3de03ff038f17d9f6a8b1d8423f4ba49ee5d6e63da338e7187b4f1f52ac2
- SHA512
  
  e73ff37e16fb9749ad32cd368e3e76ca8d67ffc4131f4dee7908868c4bdb50661af6500aa5f59ff19081e4ad818b57ffe0f29eff36a062391a827245f036ac43
- SSDEEP
  
  6144:ami2nknJSqPgzL2V4cpC0L4AY7YWT63cpC0L4f:zknoL2/p9i7drp9S
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2