328c4165accbe1a23cfe28feeb3742959d1be417a7aa8fc385ae16e545a1da26 | Triage

Sharing

General

Target

328c4165accbe1a23cfe28feeb3742959d1be417a7aa8fc385ae16e545a1da26
Size

368KB
Sample

240416-zfnsasca89
MD5

18a3c249b719eaf461e177961b505198
SHA1

fc2dff4b5c88b996aed546e8649a9e2108bf1fd2
SHA256

328c4165accbe1a23cfe28feeb3742959d1be417a7aa8fc385ae16e545a1da26
SHA512

3490a4bb2e3de2c6cefeeea13ff55936a2a1f6f0006d8960f468201e6fd8a27ffe8a75e63ac5c74c9b958ec76daa071ec77bddfc8d0c8b94b1dd8c8a9779c8dd
SSDEEP

6144:YH3cqockH58E4f9FIUpOVw86CmOJfTo9FIUIhrcflDMxy9FIUpOVw86CmOJfTo9t:OOpaAD6RrI1+lDMEAD6Rr2NWL

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  328c4165accbe1a23cfe28feeb3742959d1be417a7aa8fc385ae16e545a1da26
- Size
  
  368KB
- MD5
  
  18a3c249b719eaf461e177961b505198
- SHA1
  
  fc2dff4b5c88b996aed546e8649a9e2108bf1fd2
- SHA256
  
  328c4165accbe1a23cfe28feeb3742959d1be417a7aa8fc385ae16e545a1da26
- SHA512
  
  3490a4bb2e3de2c6cefeeea13ff55936a2a1f6f0006d8960f468201e6fd8a27ffe8a75e63ac5c74c9b958ec76daa071ec77bddfc8d0c8b94b1dd8c8a9779c8dd
- SSDEEP
  
  6144:YH3cqockH58E4f9FIUpOVw86CmOJfTo9FIUIhrcflDMxy9FIUpOVw86CmOJfTo9t:OOpaAD6RrI1+lDMEAD6Rr2NWL
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2