64aca2f16f78771c494f13e7da1245cde568c54244750ca7c37d9085c62e1c92 | Triage

Sharing

General

Target

Trojan-Proxy.Win32.Qukart.vij-64aca2f16f78771c494f13e7da1245cde568c54244750ca7c37d9085c62e1c92
Size

70KB
Sample

240229-ltzvtsdf77
MD5

15db1a1490d28be1c30ec81aae3545c0
SHA1

e1f07f9abe0db4b23e1888b5828ec49a8cda48ee
SHA256

64aca2f16f78771c494f13e7da1245cde568c54244750ca7c37d9085c62e1c92
SHA512

9034c04e00d64883a14256a01c02e6ff741fa14362f5159ef2cb734528cf4258233d2688fbf8880e490351f51fecc9e3b42d76a93080426cdb94ce4b001348f5
SSDEEP

1536:Vs/5FuDb+TisVro6zlXSzepEEEEEEEEuDvlFYE8Rm0OSHNg:VMFcKXJlXSTvlFY/m05tg

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  Trojan-Proxy.Win32.Qukart.vij-64aca2f16f78771c494f13e7da1245cde568c54244750ca7c37d9085c62e1c92
- Size
  
  70KB
- MD5
  
  15db1a1490d28be1c30ec81aae3545c0
- SHA1
  
  e1f07f9abe0db4b23e1888b5828ec49a8cda48ee
- SHA256
  
  64aca2f16f78771c494f13e7da1245cde568c54244750ca7c37d9085c62e1c92
- SHA512
  
  9034c04e00d64883a14256a01c02e6ff741fa14362f5159ef2cb734528cf4258233d2688fbf8880e490351f51fecc9e3b42d76a93080426cdb94ce4b001348f5
- SSDEEP
  
  1536:Vs/5FuDb+TisVro6zlXSzepEEEEEEEEuDvlFYE8Rm0OSHNg:VMFcKXJlXSTvlFY/m05tg
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2