3196d0778aaf6b91e0f4c2c4a5684ac41c75af7d6711903adcce640e27c73e0d | Triage

Sharing

General

Target

3196d0778aaf6b91e0f4c2c4a5684ac41c75af7d6711903adcce640e27c73e0d
Size

112KB
Sample

240306-xehtjsfd94
MD5

df4d3c0c8a7f703d8d5529e126a2940c
SHA1

b4997cf25f2428c2f8e88c4c4a4bda0c37216015
SHA256

3196d0778aaf6b91e0f4c2c4a5684ac41c75af7d6711903adcce640e27c73e0d
SHA512

b7e3b1b5a065705bd22e97745576ac9a548d1d195f34a19f0e901405af107f1cd7382f3d64795d8470ebc17f90207df694a0f99072ee0205446753e6aa38b4bc
SSDEEP

3072:m0/6t8vFlWGwrPKndm7nXUyp4PmebD5Vo3gLJbV:w8vG1rPKc7X7oHbD5W3glbV

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3196d0778aaf6b91e0f4c2c4a5684ac41c75af7d6711903adcce640e27c73e0d
- Size
  
  112KB
- MD5
  
  df4d3c0c8a7f703d8d5529e126a2940c
- SHA1
  
  b4997cf25f2428c2f8e88c4c4a4bda0c37216015
- SHA256
  
  3196d0778aaf6b91e0f4c2c4a5684ac41c75af7d6711903adcce640e27c73e0d
- SHA512
  
  b7e3b1b5a065705bd22e97745576ac9a548d1d195f34a19f0e901405af107f1cd7382f3d64795d8470ebc17f90207df694a0f99072ee0205446753e6aa38b4bc
- SSDEEP
  
  3072:m0/6t8vFlWGwrPKndm7nXUyp4PmebD5Vo3gLJbV:w8vG1rPKc7X7oHbD5W3glbV
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2