eb85313d8402d14dc52b384b468478f0fea35d1ac30231a6ed12e647af5ed3bb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb85313d8402d14dc52b384b468478f0fea35d1ac30231a6ed12e647af5ed3bb
Size

100KB
Sample

240423-fzwsgade5x
MD5

fc193d936fafd351721e414cf88182a5
SHA1

7615dfab5d15f0f4cdfe2a91b2aa6184b2f08027
SHA256

eb85313d8402d14dc52b384b468478f0fea35d1ac30231a6ed12e647af5ed3bb
SHA512

f292320a437ff6ef6dbfd20b516f71951274f3bf650f66f23b38332710eb0ca42f98023aa81a14cfbdb3e5442c09e4d3f2464ecbf22e84c0abcea83fc7e33760
SSDEEP

3072:bcEYStErUycAdcyk6O+otfRRIRRRRRRRRRRRRRRRSyTRRRRRRRZRRRRRRz0pigbV:A8ErcAdJLO+oBRRIRRRRRRRRRRRRRRRe

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  eb85313d8402d14dc52b384b468478f0fea35d1ac30231a6ed12e647af5ed3bb
- Size
  
  100KB
- MD5
  
  fc193d936fafd351721e414cf88182a5
- SHA1
  
  7615dfab5d15f0f4cdfe2a91b2aa6184b2f08027
- SHA256
  
  eb85313d8402d14dc52b384b468478f0fea35d1ac30231a6ed12e647af5ed3bb
- SHA512
  
  f292320a437ff6ef6dbfd20b516f71951274f3bf650f66f23b38332710eb0ca42f98023aa81a14cfbdb3e5442c09e4d3f2464ecbf22e84c0abcea83fc7e33760
- SSDEEP
  
  3072:bcEYStErUycAdcyk6O+otfRRIRRRRRRRRRRRRRRRSyTRRRRRRRZRRRRRRz0pigbV:A8ErcAdJLO+oBRRIRRRRRRRRRRRRRRRe
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2