cec86c2ac3ef44cec6fd90ba66641096af668103a4eb9adb4da3cf2f4f108256 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ba87fb5ca59661e10e8ff652e0b0902
Size

14KB
Sample

240115-atv14aehe4
MD5

5ba87fb5ca59661e10e8ff652e0b0902
SHA1

325294ee371853ea0e181b1424260a855a9f28e6
SHA256

cec86c2ac3ef44cec6fd90ba66641096af668103a4eb9adb4da3cf2f4f108256
SHA512

cee3e7bb098c499cad4146d78b27d0d7ea684cac943b8368f213c96f0de34aa85219a3259ee777a26a8f78c1f1766a33e4cde62ba2404970e17d2fa85ba1cf3d
SSDEEP

384:EH8RvUo5gz7IH4PHDLM8/SQrwLkBMzAC+RVcr8S95A5l9lQbO:EEUp7IHunX6wI8ju95yHj

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  5ba87fb5ca59661e10e8ff652e0b0902
- Size
  
  14KB
- MD5
  
  5ba87fb5ca59661e10e8ff652e0b0902
- SHA1
  
  325294ee371853ea0e181b1424260a855a9f28e6
- SHA256
  
  cec86c2ac3ef44cec6fd90ba66641096af668103a4eb9adb4da3cf2f4f108256
- SHA512
  
  cee3e7bb098c499cad4146d78b27d0d7ea684cac943b8368f213c96f0de34aa85219a3259ee777a26a8f78c1f1766a33e4cde62ba2404970e17d2fa85ba1cf3d
- SSDEEP
  
  384:EH8RvUo5gz7IH4PHDLM8/SQrwLkBMzAC+RVcr8S95A5l9lQbO:EEUp7IHunX6wI8ju95yHj
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2