9f8c09991a92061dfb7ae335a947e840f223003e528d6d049af2a86106806a7d | Triage

Sharing

General

Target

9f8c09991a92061dfb7ae335a947e840f223003e528d6d049af2a86106806a7d
Size

488KB
Sample

240312-av8ctach72
MD5

a5ed0e4ffc25394b4f9b774e95df81cf
SHA1

e6919006ca8ae67fa695e52810ad2ca04171fbf3
SHA256

9f8c09991a92061dfb7ae335a947e840f223003e528d6d049af2a86106806a7d
SHA512

32bd35013e54b037d8ae214619b94fc7d607a710c787cc1e2f82504cbf869904b40dd5e4ad4fe45e14038990e798a2b5cb77f7ab9e1a246ecabe3e5862dd6ad7
SSDEEP

6144:maY4Yfon/TNId/1fon/T9P7GSon/TNId/1fon/T2oI0YokOsfY7Uon2KO:LYaNIVyeNIVy2oIvPKiKO

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  9f8c09991a92061dfb7ae335a947e840f223003e528d6d049af2a86106806a7d
- Size
  
  488KB
- MD5
  
  a5ed0e4ffc25394b4f9b774e95df81cf
- SHA1
  
  e6919006ca8ae67fa695e52810ad2ca04171fbf3
- SHA256
  
  9f8c09991a92061dfb7ae335a947e840f223003e528d6d049af2a86106806a7d
- SHA512
  
  32bd35013e54b037d8ae214619b94fc7d607a710c787cc1e2f82504cbf869904b40dd5e4ad4fe45e14038990e798a2b5cb77f7ab9e1a246ecabe3e5862dd6ad7
- SSDEEP
  
  6144:maY4Yfon/TNId/1fon/T9P7GSon/TNId/1fon/T2oI0YokOsfY7Uon2KO:LYaNIVyeNIVy2oIvPKiKO
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2