ff949ff9eb527328decd0171ef99781965e3b9a507dbe1a759fa114729b29cd6 | Triage

Sharing

General

Target

ebbb5127b8f68ca2fc900275233cb509.exe
Size

144KB
Sample

240108-y18sjahcgq
MD5

ebbb5127b8f68ca2fc900275233cb509
SHA1

d30fadba2ef01a7b27e2a95e5b3b60533dcc476e
SHA256

ff949ff9eb527328decd0171ef99781965e3b9a507dbe1a759fa114729b29cd6
SHA512

11dd94f7758a554b316e78c1d3f76a1ba9026dde6e4b6ea12ea0623595d36ce2bc103646dfb1fff2a68654500cb5260991c000fa23c7cdc34b0d0273b131e68d
SSDEEP

3072:cnbYzQo2xvHRzKtfUZLpuoSD6eHvMQH2qC7ZQOlzSLUK6MwGsGnDc9nhVizLrId0:XkitfUZLpbSmeHvMQWfdQOhwJ6MwGsmN

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ebbb5127b8f68ca2fc900275233cb509.exe
- Size
  
  144KB
- MD5
  
  ebbb5127b8f68ca2fc900275233cb509
- SHA1
  
  d30fadba2ef01a7b27e2a95e5b3b60533dcc476e
- SHA256
  
  ff949ff9eb527328decd0171ef99781965e3b9a507dbe1a759fa114729b29cd6
- SHA512
  
  11dd94f7758a554b316e78c1d3f76a1ba9026dde6e4b6ea12ea0623595d36ce2bc103646dfb1fff2a68654500cb5260991c000fa23c7cdc34b0d0273b131e68d
- SSDEEP
  
  3072:cnbYzQo2xvHRzKtfUZLpuoSD6eHvMQH2qC7ZQOlzSLUK6MwGsGnDc9nhVizLrId0:XkitfUZLpbSmeHvMQWfdQOhwJ6MwGsmN
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2