034d980ac9645326d20e999134cdafd1112068bb3c8c65b490c561445a042059 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

034d980ac9645326d20e999134cdafd1112068bb3c8c65b490c561445a042059
Size

128KB
Sample

240428-wt77badh2z
MD5

36028a32db061e5bcba5c23b81fde938
SHA1

802f05ad050f32d8b59f574df2efaf28f79a6822
SHA256

034d980ac9645326d20e999134cdafd1112068bb3c8c65b490c561445a042059
SHA512

a8ca99f8fbd12016ed1bdbff5d2a5bc1926d085f504de238477655c1e77155a8168dfd8d848b5c8cfcae96e797f70401824ee78b8cce214641e40e0859ec819f
SSDEEP

3072:EiwIsRf732PwBzYfkxfWS5DSCopsIm81+jq2832dp5Xp+7+10l:EVX732PMuSZSCZj81+jq4peBl

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  034d980ac9645326d20e999134cdafd1112068bb3c8c65b490c561445a042059
- Size
  
  128KB
- MD5
  
  36028a32db061e5bcba5c23b81fde938
- SHA1
  
  802f05ad050f32d8b59f574df2efaf28f79a6822
- SHA256
  
  034d980ac9645326d20e999134cdafd1112068bb3c8c65b490c561445a042059
- SHA512
  
  a8ca99f8fbd12016ed1bdbff5d2a5bc1926d085f504de238477655c1e77155a8168dfd8d848b5c8cfcae96e797f70401824ee78b8cce214641e40e0859ec819f
- SSDEEP
  
  3072:EiwIsRf732PwBzYfkxfWS5DSCopsIm81+jq2832dp5Xp+7+10l:EVX732PMuSZSCZj81+jq4peBl
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2