644fd7573f72e1b904a7b2ba5c5534af6fe414345fe70b0411213018f6ebfba5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AMAZON.exe
Size

6.9MB
Sample

240316-dzwflaah6v
MD5

212add35db896389ea8bf5311efdb7d5
SHA1

621729e6b12ce455b4453048ecfe235ec662af69
SHA256

644fd7573f72e1b904a7b2ba5c5534af6fe414345fe70b0411213018f6ebfba5
SHA512

70dbaf73886bb53a67917fd9f13cd974da9caef7c45e4b4fec4e946cff251262da288bcc96c07ed7fe04e64f3bee3ee1e931c3cd892e98dba1909dcf2ec532fa
SSDEEP

98304:ZnbIMfow2LmvNA1h9eT393YigJhH0yqTu/NWPdHdda9D4oREKYTA+qHP1w:ZnbIT2A1HeT39Iig+c0/aFFriADv

Score

7^/10

persistence pyinstaller

Malware Config

Targets

- Target
  
  AMAZON.exe
- Size
  
  6.9MB
- MD5
  
  212add35db896389ea8bf5311efdb7d5
- SHA1
  
  621729e6b12ce455b4453048ecfe235ec662af69
- SHA256
  
  644fd7573f72e1b904a7b2ba5c5534af6fe414345fe70b0411213018f6ebfba5
- SHA512
  
  70dbaf73886bb53a67917fd9f13cd974da9caef7c45e4b4fec4e946cff251262da288bcc96c07ed7fe04e64f3bee3ee1e931c3cd892e98dba1909dcf2ec532fa
- SSDEEP
  
  98304:ZnbIMfow2LmvNA1h9eT393YigJhH0yqTu/NWPdHdda9D4oREKYTA+qHP1w:ZnbIT2A1HeT39Iig+c0/aFFriADv
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Registers COM server for autorun
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1