a72befb8883af9444d7ba5b0bff3283112ac906d52ebbc944e3dbf18d52c9922 | Triage

Sharing

General

Target

a72befb8883af9444d7ba5b0bff3283112ac906d52ebbc944e3dbf18d52c9922
Size

112KB
Sample

240422-bwebssdf64
MD5

b464590b44f2db4b6f0e2a62a85b86a6
SHA1

84f21efa2f155afdc4fad8670615090f05c3ac2f
SHA256

a72befb8883af9444d7ba5b0bff3283112ac906d52ebbc944e3dbf18d52c9922
SHA512

a136bd1a9ec673b73e7cb354d2c9847995fd424c56ad4f7e050b97b963defc266f0d989de80e946923354a7a68e64f2fe9bb8507f557f424ecd74414ea76675d
SSDEEP

3072:X25YuyAP0aNpFeJLCQnFIBOaCUjKaVLjd:m5Yu3NpFeJLbnCBbC+nVLjd

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a72befb8883af9444d7ba5b0bff3283112ac906d52ebbc944e3dbf18d52c9922
- Size
  
  112KB
- MD5
  
  b464590b44f2db4b6f0e2a62a85b86a6
- SHA1
  
  84f21efa2f155afdc4fad8670615090f05c3ac2f
- SHA256
  
  a72befb8883af9444d7ba5b0bff3283112ac906d52ebbc944e3dbf18d52c9922
- SHA512
  
  a136bd1a9ec673b73e7cb354d2c9847995fd424c56ad4f7e050b97b963defc266f0d989de80e946923354a7a68e64f2fe9bb8507f557f424ecd74414ea76675d
- SSDEEP
  
  3072:X25YuyAP0aNpFeJLCQnFIBOaCUjKaVLjd:m5Yu3NpFeJLbnCBbC+nVLjd
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2