79c5324a490a66906380ed976ca7bf4eb73f5d85fec3f2260a32937e391fd073 | Triage

Sharing

General

Target

0a9ca1e90fd98d8339dd33c9b27d6d47
Size

236KB
Sample

231225-gxelvadda4
MD5

0a9ca1e90fd98d8339dd33c9b27d6d47
SHA1

6f22fa177f5fd7cad4d34fbc4ed8f7c8aeb8e452
SHA256

79c5324a490a66906380ed976ca7bf4eb73f5d85fec3f2260a32937e391fd073
SHA512

5d5d5e4d8bb4d0b006cdfc0ed09d40daf8e7d1d93f5653c22c85160da2c743cc682c4d27db833d62c9c33e501f8ae54b8ecd356e64000cf35fdd26250ca17da4
SSDEEP

1536:1dKaTHN2ymZ0ofa5uQm4V7HG8ldINh+RhFtFftCgpcGO5lPf/XG8GmGwktb3:1Y4tIQG8XAmbFfaGc1fawk13

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0a9ca1e90fd98d8339dd33c9b27d6d47
- Size
  
  236KB
- MD5
  
  0a9ca1e90fd98d8339dd33c9b27d6d47
- SHA1
  
  6f22fa177f5fd7cad4d34fbc4ed8f7c8aeb8e452
- SHA256
  
  79c5324a490a66906380ed976ca7bf4eb73f5d85fec3f2260a32937e391fd073
- SHA512
  
  5d5d5e4d8bb4d0b006cdfc0ed09d40daf8e7d1d93f5653c22c85160da2c743cc682c4d27db833d62c9c33e501f8ae54b8ecd356e64000cf35fdd26250ca17da4
- SSDEEP
  
  1536:1dKaTHN2ymZ0ofa5uQm4V7HG8ldINh+RhFtFftCgpcGO5lPf/XG8GmGwktb3:1Y4tIQG8XAmbFfaGc1fawk13
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2