a796971aa55396e86054afd0aea1204b316d440a1434b7785da5cd05c9db75ff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a038851b3b67c060c1bd8296b8545710.exe
Size

434KB
Sample

231127-xwla1acc83
MD5

a038851b3b67c060c1bd8296b8545710
SHA1

cfe105b4af4829147d9173cfaa404cd3b4991401
SHA256

a796971aa55396e86054afd0aea1204b316d440a1434b7785da5cd05c9db75ff
SHA512

288f917a1b68f7c05e2c5a2789f096b1bf64c2175b4475158edf63c30bcb0fad26894804a299c167ef76e1c7c5249f298d61469ba0d6dde430b93fb04a048003
SSDEEP

6144:wTgHxSGYwVnXMo0X+mYJhqoxGfDxIAmZ4IB2mMWjWVWreN3SUeDRiwxELHIE9Ey6:wTXG

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a038851b3b67c060c1bd8296b8545710.exe
- Size
  
  434KB
- MD5
  
  a038851b3b67c060c1bd8296b8545710
- SHA1
  
  cfe105b4af4829147d9173cfaa404cd3b4991401
- SHA256
  
  a796971aa55396e86054afd0aea1204b316d440a1434b7785da5cd05c9db75ff
- SHA512
  
  288f917a1b68f7c05e2c5a2789f096b1bf64c2175b4475158edf63c30bcb0fad26894804a299c167ef76e1c7c5249f298d61469ba0d6dde430b93fb04a048003
- SSDEEP
  
  6144:wTgHxSGYwVnXMo0X+mYJhqoxGfDxIAmZ4IB2mMWjWVWreN3SUeDRiwxELHIE9Ey6:wTXG
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2