8b77fc24e7bffbd595c5aeba1b628f2a3820b0ceb77aca880d19cc324a3b8ce0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89678289736124fc58686e09c5cfc13a
Size

13KB
Sample

240202-np5avsfaep
MD5

89678289736124fc58686e09c5cfc13a
SHA1

a38cfdd6a53b6ed4dfa02dde05015f40bd25e234
SHA256

8b77fc24e7bffbd595c5aeba1b628f2a3820b0ceb77aca880d19cc324a3b8ce0
SHA512

8ebaa5236e87a2e176bafd4f1f4d140faf38170f273676a21c0cafc408f78c2e4dd4c6127cb49b3ccdea9f895b35f180e9c5b8e76915ccf9facb96227bb6be34
SSDEEP

384:4cJoXJz6ttH0lbX4qHmOpOmjuwli/roDiCF2yPP:4pXJuY4hG5g/8VAy3

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  89678289736124fc58686e09c5cfc13a
- Size
  
  13KB
- MD5
  
  89678289736124fc58686e09c5cfc13a
- SHA1
  
  a38cfdd6a53b6ed4dfa02dde05015f40bd25e234
- SHA256
  
  8b77fc24e7bffbd595c5aeba1b628f2a3820b0ceb77aca880d19cc324a3b8ce0
- SHA512
  
  8ebaa5236e87a2e176bafd4f1f4d140faf38170f273676a21c0cafc408f78c2e4dd4c6127cb49b3ccdea9f895b35f180e9c5b8e76915ccf9facb96227bb6be34
- SSDEEP
  
  384:4cJoXJz6ttH0lbX4qHmOpOmjuwli/roDiCF2yPP:4pXJuY4hG5g/8VAy3
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2