4384d855ab65eeb2ad890bd447d96dcb672f078b2145bd16fb4e51dd53cba63e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4384d855ab65eeb2ad890bd447d96dcb672f078b2145bd16fb4e51dd53cba63e
Size

117KB
Sample

240428-zet8pagf22
MD5

cdf47d45f69117411de0d311ee2a0a57
SHA1

98b689a739b357bec3a4c1c7c64c640e73e4debf
SHA256

4384d855ab65eeb2ad890bd447d96dcb672f078b2145bd16fb4e51dd53cba63e
SHA512

479e9411fff94966e0193205c4c662d0e56de5ab5e3ec377913649ca8f48f22a5e03fa303efbf6f36dccc053b59cc682d25f5c5c00e44e5c64cffcf5de890200
SSDEEP

3072:80JiiavMlNqBygysKG90BZyIFFfUrQlM:82i1vMz169yyITfMQ

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  4384d855ab65eeb2ad890bd447d96dcb672f078b2145bd16fb4e51dd53cba63e
- Size
  
  117KB
- MD5
  
  cdf47d45f69117411de0d311ee2a0a57
- SHA1
  
  98b689a739b357bec3a4c1c7c64c640e73e4debf
- SHA256
  
  4384d855ab65eeb2ad890bd447d96dcb672f078b2145bd16fb4e51dd53cba63e
- SHA512
  
  479e9411fff94966e0193205c4c662d0e56de5ab5e3ec377913649ca8f48f22a5e03fa303efbf6f36dccc053b59cc682d25f5c5c00e44e5c64cffcf5de890200
- SSDEEP
  
  3072:80JiiavMlNqBygysKG90BZyIFFfUrQlM:82i1vMz169yyITfMQ
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2