8155c64edff365ea62634cfca656173ce867eaddda1c7dfe51db7327737e1cf1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73c2a8838d9f4a62fad6ca8d3d32c836
Size

333KB
Sample

240125-faywjaggen
MD5

73c2a8838d9f4a62fad6ca8d3d32c836
SHA1

32135d6da31d5dde5abfb6c22345abd3aa554061
SHA256

8155c64edff365ea62634cfca656173ce867eaddda1c7dfe51db7327737e1cf1
SHA512

9f127d2b829c855bef9a01fed0d7e1d6828133f461eaa3e6768f96902a91f0f9f2ef6991eb2792d95d65ed278ba2f692f7408ca5c120a46c783715f7e2b625de
SSDEEP

6144:VWlkOHlo+F7B9sd1UQXMbQRjkod6U912429sd1UQXMbQRjkod6U:VwkOHi+JQkA1GQk

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  73c2a8838d9f4a62fad6ca8d3d32c836
- Size
  
  333KB
- MD5
  
  73c2a8838d9f4a62fad6ca8d3d32c836
- SHA1
  
  32135d6da31d5dde5abfb6c22345abd3aa554061
- SHA256
  
  8155c64edff365ea62634cfca656173ce867eaddda1c7dfe51db7327737e1cf1
- SHA512
  
  9f127d2b829c855bef9a01fed0d7e1d6828133f461eaa3e6768f96902a91f0f9f2ef6991eb2792d95d65ed278ba2f692f7408ca5c120a46c783715f7e2b625de
- SSDEEP
  
  6144:VWlkOHlo+F7B9sd1UQXMbQRjkod6U912429sd1UQXMbQRjkod6U:VwkOHi+JQkA1GQk
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2