f4d7d65c8f2913da688d01a2c37a2e35ca61fe8a6aea498c72784aaecaabf1b3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f4d7d65c8f2913da688d01a2c37a2e35ca61fe8a6aea498c72784aaecaabf1b3
Size

320KB
Sample

240422-frs2lsgb8v
MD5

b80e3a7876d81f59cac93f92321705a7
SHA1

a585f9e355d1ef46137fa756066a4703e8934e83
SHA256

f4d7d65c8f2913da688d01a2c37a2e35ca61fe8a6aea498c72784aaecaabf1b3
SHA512

f8980cfc9aae0aedc7d6e15ed8ad34d29a7cabea450533714424c7a6e25291aac012f7c8ef7c0bdef09acb3b94aa8072a4e5013f0e9a84f4dbf81f95851b0a33
SSDEEP

6144:mDRRvluY/m05XUEtMEX6vluZV4U/vlf0DrBqvl8ZV4U/vlfl+9Q:mDRRvjm05XEvG6IveDVqvQ6IvP

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  f4d7d65c8f2913da688d01a2c37a2e35ca61fe8a6aea498c72784aaecaabf1b3
- Size
  
  320KB
- MD5
  
  b80e3a7876d81f59cac93f92321705a7
- SHA1
  
  a585f9e355d1ef46137fa756066a4703e8934e83
- SHA256
  
  f4d7d65c8f2913da688d01a2c37a2e35ca61fe8a6aea498c72784aaecaabf1b3
- SHA512
  
  f8980cfc9aae0aedc7d6e15ed8ad34d29a7cabea450533714424c7a6e25291aac012f7c8ef7c0bdef09acb3b94aa8072a4e5013f0e9a84f4dbf81f95851b0a33
- SSDEEP
  
  6144:mDRRvluY/m05XUEtMEX6vluZV4U/vlf0DrBqvl8ZV4U/vlfl+9Q:mDRRvjm05XEvG6IveDVqvQ6IvP
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2