97e830785984e3ab0ae0fe0b6282a829a9d2d9084a7c138a95e67fa5700aafa8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a64fe857086993d0fe3c9f8823114c5d.exe
Size

80KB
Sample

240108-ys1ryshcd5
MD5

a64fe857086993d0fe3c9f8823114c5d
SHA1

89e6526b4a5005d01482fa0355d4df8183e5c9bb
SHA256

97e830785984e3ab0ae0fe0b6282a829a9d2d9084a7c138a95e67fa5700aafa8
SHA512

373badd0f2d6e07cd2e3d82dc70e649b5f670bc7facb01790b5b6cbc9355085e71333ac6dd6e3a435ff0f0eae6d61ec1b8940850ace175ccf682e54ecd3b5125
SSDEEP

1536:IRVHbNQh9766fRynW22Lt8/wfi+TjRC/6i:m9BQfOuyneKwf1TjYL

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a64fe857086993d0fe3c9f8823114c5d.exe
- Size
  
  80KB
- MD5
  
  a64fe857086993d0fe3c9f8823114c5d
- SHA1
  
  89e6526b4a5005d01482fa0355d4df8183e5c9bb
- SHA256
  
  97e830785984e3ab0ae0fe0b6282a829a9d2d9084a7c138a95e67fa5700aafa8
- SHA512
  
  373badd0f2d6e07cd2e3d82dc70e649b5f670bc7facb01790b5b6cbc9355085e71333ac6dd6e3a435ff0f0eae6d61ec1b8940850ace175ccf682e54ecd3b5125
- SSDEEP
  
  1536:IRVHbNQh9766fRynW22Lt8/wfi+TjRC/6i:m9BQfOuyneKwf1TjYL
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2