c2e7bc0126186c8d14ee668946b16d83c68cebb1e4f52b9a94a887680c0d2822 | Triage

Sharing

General

Target

c2e7bc0126186c8d14ee668946b16d83c68cebb1e4f52b9a94a887680c0d2822
Size

240KB
Sample

240325-zyzyaahe72
MD5

162beb260d347f0e4d3060f628d1b3f0
SHA1

e81a2ff07ef922b8a55356a3cb20ee11ba3ec29f
SHA256

c2e7bc0126186c8d14ee668946b16d83c68cebb1e4f52b9a94a887680c0d2822
SHA512

f1d8d6ffd43e48df5bcc65f9e5198f2aaab3397b4bf0f32c80e71e3c89bd1ab424d82c2ca0c51a0f2d0940d57f58b7e72e667d8aaf9058d8311182073e986d06
SSDEEP

3072:8ux92Xlmp2SmXYtAPgxed6BYudlNPMAvAURfE+Hxgu+tAcrbFAJc+RsUi1aVDkOh:d9SmUSoYtIyedZwlNPjLs+H8rtMs4

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c2e7bc0126186c8d14ee668946b16d83c68cebb1e4f52b9a94a887680c0d2822
- Size
  
  240KB
- MD5
  
  162beb260d347f0e4d3060f628d1b3f0
- SHA1
  
  e81a2ff07ef922b8a55356a3cb20ee11ba3ec29f
- SHA256
  
  c2e7bc0126186c8d14ee668946b16d83c68cebb1e4f52b9a94a887680c0d2822
- SHA512
  
  f1d8d6ffd43e48df5bcc65f9e5198f2aaab3397b4bf0f32c80e71e3c89bd1ab424d82c2ca0c51a0f2d0940d57f58b7e72e667d8aaf9058d8311182073e986d06
- SSDEEP
  
  3072:8ux92Xlmp2SmXYtAPgxed6BYudlNPMAvAURfE+Hxgu+tAcrbFAJc+RsUi1aVDkOh:d9SmUSoYtIyedZwlNPjLs+H8rtMs4
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2