3af96e865f0edf4646af2c18dfbd1015c9f86892e4eafb2759d80817bc7a68b7 | Triage

Sharing

General

Target

3af96e865f0edf4646af2c18dfbd1015c9f86892e4eafb2759d80817bc7a68b7
Size

400KB
Sample

240418-zlmr7aee45
MD5

bad454091768b1d59d3afce2c30c1873
SHA1

b534045930f515d0b4bc5a130a431c228a90e317
SHA256

3af96e865f0edf4646af2c18dfbd1015c9f86892e4eafb2759d80817bc7a68b7
SHA512

be483b8b6c934580be77cac357de7021d0e47e4b0e8028647f26fbf0f8094eddfdd2adf6a9adee1e4cea1eb6b62bc1cd6fd1e6a6810f591ecab12e73c657912b
SSDEEP

6144:D8oms22cKZ4PvlgZVoBqvl8ZV4U/vlfl+9DvlEZV4U/vlf0DrBqvl8ZV1:D18vAgqvQ6IvYvc6IveDVqvQ/

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3af96e865f0edf4646af2c18dfbd1015c9f86892e4eafb2759d80817bc7a68b7
- Size
  
  400KB
- MD5
  
  bad454091768b1d59d3afce2c30c1873
- SHA1
  
  b534045930f515d0b4bc5a130a431c228a90e317
- SHA256
  
  3af96e865f0edf4646af2c18dfbd1015c9f86892e4eafb2759d80817bc7a68b7
- SHA512
  
  be483b8b6c934580be77cac357de7021d0e47e4b0e8028647f26fbf0f8094eddfdd2adf6a9adee1e4cea1eb6b62bc1cd6fd1e6a6810f591ecab12e73c657912b
- SSDEEP
  
  6144:D8oms22cKZ4PvlgZVoBqvl8ZV4U/vlfl+9DvlEZV4U/vlf0DrBqvl8ZV1:D18vAgqvQ6IvYvc6IveDVqvQ/
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2