98f0fa063887f9b4e8cbc6536fe89311b61fa99900789979b11ec4e34eed51c1 | Triage

Sharing

General

Target

a78e25e87ee9ff78a29971865976c319.exe
Size

359KB
Sample

231127-vf3h8sac9y
MD5

a78e25e87ee9ff78a29971865976c319
SHA1

2115b54ff6387006bc41623cf8f916ddd059d23c
SHA256

98f0fa063887f9b4e8cbc6536fe89311b61fa99900789979b11ec4e34eed51c1
SHA512

5ce94a308c3bdad5cf9d3b28f34b03c8eb13d6b0d4ceeed8dd694534cf8dc622355373ae8b80f7705de147e2babc307e8481c1eb075606bb1dbd078889283041
SSDEEP

3072:jM7iiscTLDf0kQI8Va3CkfUVuyelbvP5lkzmQ1o0Otw44KmfpKivFM6WpqXWweFU:jMhTTLDfprba4Yb31/doG

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a78e25e87ee9ff78a29971865976c319.exe
- Size
  
  359KB
- MD5
  
  a78e25e87ee9ff78a29971865976c319
- SHA1
  
  2115b54ff6387006bc41623cf8f916ddd059d23c
- SHA256
  
  98f0fa063887f9b4e8cbc6536fe89311b61fa99900789979b11ec4e34eed51c1
- SHA512
  
  5ce94a308c3bdad5cf9d3b28f34b03c8eb13d6b0d4ceeed8dd694534cf8dc622355373ae8b80f7705de147e2babc307e8481c1eb075606bb1dbd078889283041
- SSDEEP
  
  3072:jM7iiscTLDf0kQI8Va3CkfUVuyelbvP5lkzmQ1o0Otw44KmfpKivFM6WpqXWweFU:jMhTTLDfprba4Yb31/doG
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2