020448cb5cd4499161113420d0446bbf4c453fa0d92c76c077e9b886ba707954 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

020448cb5cd4499161113420d0446bbf4c453fa0d92c76c077e9b886ba707954
Size

704KB
Sample

240428-wrmgtsdg4z
MD5

dbe43f48b069190f6d6a0cfdecf1967b
SHA1

1971e29980421da3e3ad33d3a2fe081355bae399
SHA256

020448cb5cd4499161113420d0446bbf4c453fa0d92c76c077e9b886ba707954
SHA512

364c0c064d5fbd3f03a6e104c49dc3f8cb2c89ac40d87ccc491fa509ee9c666817be010d3170bb13d946cca2a36e6c654af4f0382eccc96376adb99615c02b6c
SSDEEP

12288:MuQYOSV3JCfp5fwQb45fwPPh2kkkkK4kXkkkkkkkkl888888888888888888nusu:neSV5Cfp5fB45foPh2kkkkK4kXkkkkkr

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  020448cb5cd4499161113420d0446bbf4c453fa0d92c76c077e9b886ba707954
- Size
  
  704KB
- MD5
  
  dbe43f48b069190f6d6a0cfdecf1967b
- SHA1
  
  1971e29980421da3e3ad33d3a2fe081355bae399
- SHA256
  
  020448cb5cd4499161113420d0446bbf4c453fa0d92c76c077e9b886ba707954
- SHA512
  
  364c0c064d5fbd3f03a6e104c49dc3f8cb2c89ac40d87ccc491fa509ee9c666817be010d3170bb13d946cca2a36e6c654af4f0382eccc96376adb99615c02b6c
- SSDEEP
  
  12288:MuQYOSV3JCfp5fwQb45fwPPh2kkkkK4kXkkkkkkkkl888888888888888888nusu:neSV5Cfp5fB45foPh2kkkkK4kXkkkkkr
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2