18af77a56e9a3bd4e3c7ea0c098d5a117489e40355224bf11201be14c64a2240 | Triage

Sharing

General

Target

de9021299f6019706422ffdb859f636a
Size

220KB
Sample

240325-v3tjvagh8z
MD5

de9021299f6019706422ffdb859f636a
SHA1

d00a26cfed09a0428a154ea80c48b197b7607786
SHA256

18af77a56e9a3bd4e3c7ea0c098d5a117489e40355224bf11201be14c64a2240
SHA512

0b3b7a10d434238200f551571f2992286d870a93f011ffa08e80a5c553e80dacf758f4e54b4b6f2a8f5a452bec4d28dde313078f83ff56c3e4c7ed64178baa6a
SSDEEP

3072:TLkt3tE1WiYpehcrVpH7r5/6RQL+v6dJ0/wGOLU4eAomcrVpH7r5/6RQL+:0tduWRpeh2H3p9L+v6dD3om2H3p9L+

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  de9021299f6019706422ffdb859f636a
- Size
  
  220KB
- MD5
  
  de9021299f6019706422ffdb859f636a
- SHA1
  
  d00a26cfed09a0428a154ea80c48b197b7607786
- SHA256
  
  18af77a56e9a3bd4e3c7ea0c098d5a117489e40355224bf11201be14c64a2240
- SHA512
  
  0b3b7a10d434238200f551571f2992286d870a93f011ffa08e80a5c553e80dacf758f4e54b4b6f2a8f5a452bec4d28dde313078f83ff56c3e4c7ed64178baa6a
- SSDEEP
  
  3072:TLkt3tE1WiYpehcrVpH7r5/6RQL+v6dJ0/wGOLU4eAomcrVpH7r5/6RQL+:0tduWRpeh2H3p9L+v6dD3om2H3p9L+
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2