4a9baf68a3f328e4d565ab78433d4ed7933c5e342df79b5b4930e3fb56c9ea85 | Triage

Sharing

General

Target

4a9baf68a3f328e4d565ab78433d4ed7933c5e342df79b5b4930e3fb56c9ea85
Size

256KB
Sample

240325-xd9wmsff86
MD5

eb9603ac020887ceda2fafb70b9011c0
SHA1

759b74d1f3285c7e77362ad33f958f0bd2bf6367
SHA256

4a9baf68a3f328e4d565ab78433d4ed7933c5e342df79b5b4930e3fb56c9ea85
SHA512

6ea984c79ab969874ec7e440b876513d39d5252b5ece193ee2563fcb987a9b35931f9ce9d226dba8d91e3d1fc972f2d6436b4a4f1f5b839e5d8fa5e41e5a65ca
SSDEEP

3072:ynC/nYyWKTonK0gSTWqAhELy1MTT6e5f7N+Awrogsw+STWqAhELy1MTT6e5fAKka:M5ywZgSTYaT15f7o+STYaT15fAK8yL

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  4a9baf68a3f328e4d565ab78433d4ed7933c5e342df79b5b4930e3fb56c9ea85
- Size
  
  256KB
- MD5
  
  eb9603ac020887ceda2fafb70b9011c0
- SHA1
  
  759b74d1f3285c7e77362ad33f958f0bd2bf6367
- SHA256
  
  4a9baf68a3f328e4d565ab78433d4ed7933c5e342df79b5b4930e3fb56c9ea85
- SHA512
  
  6ea984c79ab969874ec7e440b876513d39d5252b5ece193ee2563fcb987a9b35931f9ce9d226dba8d91e3d1fc972f2d6436b4a4f1f5b839e5d8fa5e41e5a65ca
- SSDEEP
  
  3072:ynC/nYyWKTonK0gSTWqAhELy1MTT6e5f7N+Awrogsw+STWqAhELy1MTT6e5fAKka:M5ywZgSTYaT15f7o+STYaT15fAK8yL
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2