9e3f9d510a72da4f891ceb0df8afa7cb28e057a68792180b12e6f2002baa9f4b | Triage

Sharing

General

Target

9e3f9d510a72da4f891ceb0df8afa7cb28e057a68792180b12e6f2002baa9f4b
Size

135KB
Sample

240419-be9rdada7z
MD5

d03569f9c824ae0dd0b84f6e47c77f82
SHA1

16b05cce47fcb76eb79ab52609fa3f8bceeccf10
SHA256

9e3f9d510a72da4f891ceb0df8afa7cb28e057a68792180b12e6f2002baa9f4b
SHA512

a6e1ca30190712f9fe9157185bfdb8d8836d92aba16fc68cbbc130f3392e6d2242028698101f535133d8ee94d80a1f26cc29853f659355b9434f3db983e77b00
SSDEEP

1536:UfsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbV9H:UVqoCl/YgjxEufVU0TbTyDDal/H

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  9e3f9d510a72da4f891ceb0df8afa7cb28e057a68792180b12e6f2002baa9f4b
- Size
  
  135KB
- MD5
  
  d03569f9c824ae0dd0b84f6e47c77f82
- SHA1
  
  16b05cce47fcb76eb79ab52609fa3f8bceeccf10
- SHA256
  
  9e3f9d510a72da4f891ceb0df8afa7cb28e057a68792180b12e6f2002baa9f4b
- SHA512
  
  a6e1ca30190712f9fe9157185bfdb8d8836d92aba16fc68cbbc130f3392e6d2242028698101f535133d8ee94d80a1f26cc29853f659355b9434f3db983e77b00
- SSDEEP
  
  1536:UfsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbV9H:UVqoCl/YgjxEufVU0TbTyDDal/H
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence