a3e48cf8947f839d542b4ae3b735d204266b143f1d586b1318367bf3cf7f7fc5 | Triage

Resubmissions

20/04/2024, 20:33

240420-zcafhahc74 7

Sharing

Copy URL Twitter E-mail

General

Target

EXE_Bomb_Windows.exe
Size

5.8MB
Sample

240420-zcafhahc74
MD5

321a25c61bb513862f8fffb5db7a4489
SHA1

f7a1949ebcd01c1ce4175a32ccd1e1dae9e5811b
SHA256

a3e48cf8947f839d542b4ae3b735d204266b143f1d586b1318367bf3cf7f7fc5
SHA512

bef81b668076727f53a94a617112034fa0f8704dcc67cfa3e3d4f2a32e6cb536d07b336b35ae4154c880e270eb27649698e97c5a9bebece892374b135d747906
SSDEEP

98304:dZEFCwmXHQktlw2Kce26t+JhVWn2xxjsUf2hIzsbLTCuyC93ymWRNNxQbNt:daCf3tlKXqXWnAXfgIzK6uV5iN

Score

7^/10

persistence pyinstaller

Malware Config

Targets

- Target
  
  EXE_Bomb_Windows.exe
- Size
  
  5.8MB
- MD5
  
  321a25c61bb513862f8fffb5db7a4489
- SHA1
  
  f7a1949ebcd01c1ce4175a32ccd1e1dae9e5811b
- SHA256
  
  a3e48cf8947f839d542b4ae3b735d204266b143f1d586b1318367bf3cf7f7fc5
- SHA512
  
  bef81b668076727f53a94a617112034fa0f8704dcc67cfa3e3d4f2a32e6cb536d07b336b35ae4154c880e270eb27649698e97c5a9bebece892374b135d747906
- SSDEEP
  
  98304:dZEFCwmXHQktlw2Kce26t+JhVWn2xxjsUf2hIzsbLTCuyC93ymWRNNxQbNt:daCf3tlKXqXWnAXfgIzK6uV5iN
Score

7^/10

persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4