deb09c4c06b43c6410f10786d078f27a68dc8ec847e885f4c2619d5526db68d9 | Triage

Sharing

General

Target

MARS_Perm.exe
Size

854KB
Sample

240316-cgs23sba43
MD5

3f76f2351b226049f9a71ebc5a356ddb
SHA1

b99c7821011ae624940d659ffed809840e966bb5
SHA256

deb09c4c06b43c6410f10786d078f27a68dc8ec847e885f4c2619d5526db68d9
SHA512

15b852fbfe9219028eb0c3c6997e5ef2b39e38bf1c862d59a9a49ce3b6a4364b6495426054f4c9c2deb94c33eb58ade65533cdb356df303b5d350e47c9612391
SSDEEP

12288:B7wsAKJMBAFNVkF77RlzoCgfdcqvCoRtb7L0k:B7wsAKaBApkF77RpoCgfdt6on7L0k

Score

7^/10

Malware Config

Targets

- Target
  
  MARS_Perm.exe
- Size
  
  854KB
- MD5
  
  3f76f2351b226049f9a71ebc5a356ddb
- SHA1
  
  b99c7821011ae624940d659ffed809840e966bb5
- SHA256
  
  deb09c4c06b43c6410f10786d078f27a68dc8ec847e885f4c2619d5526db68d9
- SHA512
  
  15b852fbfe9219028eb0c3c6997e5ef2b39e38bf1c862d59a9a49ce3b6a4364b6495426054f4c9c2deb94c33eb58ade65533cdb356df303b5d350e47c9612391
- SSDEEP
  
  12288:B7wsAKJMBAFNVkF77RlzoCgfdcqvCoRtb7L0k:B7wsAKaBApkF77RpoCgfdt6on7L0k
Score

7^/10
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2