5b5c678e0dc912db48668d140daf8eec96a1cdda0afe9ca4e16c9a1f116f0ee5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11ecd3d13ecc2aa1965b262173dc37fb
Size

145KB
Sample

231230-h4pk3ahfgk
MD5

11ecd3d13ecc2aa1965b262173dc37fb
SHA1

7d51997476fecf255a43a6c3cba3d310bae4d065
SHA256

5b5c678e0dc912db48668d140daf8eec96a1cdda0afe9ca4e16c9a1f116f0ee5
SHA512

83b309350361be88e641a050cb00f8d81bffd8ca77b93084e6c0ff78924dda61dc5f185aaf8dbe0c5e1c5f1fcb318b5dc9783f9c15178eabb037fb4d8242053a
SSDEEP

3072:msZvE66YBQ56rwSeHLkCPkJVf8Nbvbtgu:mKvE664Q56rw3LkCsJIbvbSu

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  11ecd3d13ecc2aa1965b262173dc37fb
- Size
  
  145KB
- MD5
  
  11ecd3d13ecc2aa1965b262173dc37fb
- SHA1
  
  7d51997476fecf255a43a6c3cba3d310bae4d065
- SHA256
  
  5b5c678e0dc912db48668d140daf8eec96a1cdda0afe9ca4e16c9a1f116f0ee5
- SHA512
  
  83b309350361be88e641a050cb00f8d81bffd8ca77b93084e6c0ff78924dda61dc5f185aaf8dbe0c5e1c5f1fcb318b5dc9783f9c15178eabb037fb4d8242053a
- SSDEEP
  
  3072:msZvE66YBQ56rwSeHLkCPkJVf8Nbvbtgu:mKvE664Q56rw3LkCsJIbvbSu
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2