3e5980b1eb258d8dd831335693a99b77eb7f0a59298cf79c4726a175da010f24 | Triage

Sharing

General

Target

0a854cf0fd9f2a188f87fb1849b2a616
Size

14KB
Sample

231230-b6arcsfgh7
MD5

0a854cf0fd9f2a188f87fb1849b2a616
SHA1

36d8c472e1b40b36663ec271805ceb0cd67196c3
SHA256

3e5980b1eb258d8dd831335693a99b77eb7f0a59298cf79c4726a175da010f24
SHA512

c4d2fe694345ff0effeff023803b25c272ceda55949c729a4f2d363616cb82dd7f4c218d81e07ff5a781e4357602b16cac83da4455b929b4931d781d29617853
SSDEEP

192:UKolLDIGpeXSjvnS8KcTmhiXsN9R+aVexqpvoGTUISWIOoMjqujMzk7HOpE/tw:U3VZgXSjvS8FTbsNySV9zTBroe2kLJt

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  0a854cf0fd9f2a188f87fb1849b2a616
- Size
  
  14KB
- MD5
  
  0a854cf0fd9f2a188f87fb1849b2a616
- SHA1
  
  36d8c472e1b40b36663ec271805ceb0cd67196c3
- SHA256
  
  3e5980b1eb258d8dd831335693a99b77eb7f0a59298cf79c4726a175da010f24
- SHA512
  
  c4d2fe694345ff0effeff023803b25c272ceda55949c729a4f2d363616cb82dd7f4c218d81e07ff5a781e4357602b16cac83da4455b929b4931d781d29617853
- SSDEEP
  
  192:UKolLDIGpeXSjvnS8KcTmhiXsN9R+aVexqpvoGTUISWIOoMjqujMzk7HOpE/tw:U3VZgXSjvS8FTbsNySV9zTBroe2kLJt
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2