13036894454657ae8c664237c5699c9add8e9ede62797265bc27e3a27412331d | Triage

Submit
Reports

Overview

overview

7

Static

static

1

436235558_..._n.jpg

windows11-21h2-x64

7

Sharing

General

Target

436235558_758248486447299_6423657346695267865_n.jpg
Size

43KB
Sample

240420-pwffragh78
MD5

2b93648dcca3baeacdb1154e53ddee92
SHA1

2a0766ebb636549f65fb4bb99b08bee50d5810ba
SHA256

13036894454657ae8c664237c5699c9add8e9ede62797265bc27e3a27412331d
SHA512

d742f525f564ed4bd3b74074139da57ad073ff41b97c0f1ad04817e286e7095382a7e522ff129dba1244b35dc71efefc93fdbc915e0fcfcdb08190680e238fdb
SSDEEP

768:XFiuyXUQ7nNdpu217se3GYMe7B7ofWVkORie1LvJtjPJ9GuE41ptYiVFNFABUF:XFiu0U8NvdaGB0f7O9LvnjxauiO2mF

Score

7^/10

discovery persistence

Static task

static1

Behavioral task

behavioral1

Sample

436235558_758248486447299_6423657346695267865_n.jpg

Resource

win11-20240412-en

discovery persistence

windows11-21h2-x64

25 signatures

1800 seconds

Malware Config

Targets

- Target
  
  436235558_758248486447299_6423657346695267865_n.jpg
- Size
  
  43KB
- MD5
  
  2b93648dcca3baeacdb1154e53ddee92
- SHA1
  
  2a0766ebb636549f65fb4bb99b08bee50d5810ba
- SHA256
  
  13036894454657ae8c664237c5699c9add8e9ede62797265bc27e3a27412331d
- SHA512
  
  d742f525f564ed4bd3b74074139da57ad073ff41b97c0f1ad04817e286e7095382a7e522ff129dba1244b35dc71efefc93fdbc915e0fcfcdb08190680e238fdb
- SSDEEP
  
  768:XFiuyXUQ7nNdpu217se3GYMe7B7ofWVkORie1LvJtjPJ9GuE41ptYiVFNFABUF:XFiu0U8NvdaGB0f7O9LvnjxauiO2mF
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Registers COM server for autorun
  persistence
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops desktop.ini file(s)
- Checks system information in the registry
  System information is often read in order to detect sandboxing environments.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

© 2018-2025

Terms | Privacy