495f0f384e940fde0b94269849cf4b487641da875be5ffc6e051f410e6e89e5d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

495f0f384e940fde0b94269849cf4b487641da875be5ffc6e051f410e6e89e5d
Size

148KB
Sample

240326-yjgygsaf83
MD5

c99548c7a66bd84472bc7129f2b382d0
SHA1

647b189691d054e180ab0c91e52040f83229b628
SHA256

495f0f384e940fde0b94269849cf4b487641da875be5ffc6e051f410e6e89e5d
SHA512

ace695d228d6287dd68fce4248ec5d1b240fdf6c8c4eb5929d9b234c82164bfad6cdfc998be4ab1448fb45baae577ef62ff2e63ac73c65d6aad959d8b57c21b1
SSDEEP

3072:UX7C63r5iPxXWi+VU4x8Y5OdzOdjKtlDoNQQ9wlHOdj+UCRQKOdj+U:ULC9xQU4x8KOdzOdkOdezOd

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  495f0f384e940fde0b94269849cf4b487641da875be5ffc6e051f410e6e89e5d
- Size
  
  148KB
- MD5
  
  c99548c7a66bd84472bc7129f2b382d0
- SHA1
  
  647b189691d054e180ab0c91e52040f83229b628
- SHA256
  
  495f0f384e940fde0b94269849cf4b487641da875be5ffc6e051f410e6e89e5d
- SHA512
  
  ace695d228d6287dd68fce4248ec5d1b240fdf6c8c4eb5929d9b234c82164bfad6cdfc998be4ab1448fb45baae577ef62ff2e63ac73c65d6aad959d8b57c21b1
- SSDEEP
  
  3072:UX7C63r5iPxXWi+VU4x8Y5OdzOdjKtlDoNQQ9wlHOdj+UCRQKOdj+U:ULC9xQU4x8KOdzOdkOdezOd
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2