af1f13f6b01d7dbe862806612ff8b56c7380b33c4b3eb486ed5c5f49dfe67ed4 | Triage

Sharing

General

Target

af1f13f6b01d7dbe862806612ff8b56c7380b33c4b3eb486ed5c5f49dfe67ed4
Size

80KB
Sample

240420-bx3qsadh2s
MD5

51907e24de4a4a4f92109a849d43d120
SHA1

2a65daafe7addbb4c72a575baee3ad6557894c3c
SHA256

af1f13f6b01d7dbe862806612ff8b56c7380b33c4b3eb486ed5c5f49dfe67ed4
SHA512

c74b7d9a44f0d82c1b72a6cc2c7854f5b9e62c90838ddba2350944d7a6de03d58e1c0ee79dfcb0b917241fdee2a818ecba56e628db8b0835c92fa00781f27db3
SSDEEP

1536:rtSyiPZPPP/qHKCgN59i2Lk2S5DUHRbPa9b6i+sIk:r4yoRYgfZfS5DSCopsIk

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  af1f13f6b01d7dbe862806612ff8b56c7380b33c4b3eb486ed5c5f49dfe67ed4
- Size
  
  80KB
- MD5
  
  51907e24de4a4a4f92109a849d43d120
- SHA1
  
  2a65daafe7addbb4c72a575baee3ad6557894c3c
- SHA256
  
  af1f13f6b01d7dbe862806612ff8b56c7380b33c4b3eb486ed5c5f49dfe67ed4
- SHA512
  
  c74b7d9a44f0d82c1b72a6cc2c7854f5b9e62c90838ddba2350944d7a6de03d58e1c0ee79dfcb0b917241fdee2a818ecba56e628db8b0835c92fa00781f27db3
- SSDEEP
  
  1536:rtSyiPZPPP/qHKCgN59i2Lk2S5DUHRbPa9b6i+sIk:r4yoRYgfZfS5DSCopsIk
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2