a5dd64d94e3bc2edc0145f3d8b8afe768ac02e463e5f100590e6c642cd50ea86 | Triage

Sharing

General

Target

a5dd64d94e3bc2edc0145f3d8b8afe768ac02e463e5f100590e6c642cd50ea86
Size

128KB
Sample

240505-c9v25sce3s
MD5

be26a33718dfad3e747e3c3d0fd12237
SHA1

5e5d62d00695357481e1c75cd702409ce7dc2009
SHA256

a5dd64d94e3bc2edc0145f3d8b8afe768ac02e463e5f100590e6c642cd50ea86
SHA512

797808ef2c3bb4934bf43bdc50643df39f8ac0800bb9a703553b31cc56913b19bfd11987af37d3aab0fc9b0e410fc8a0d6ac161d8536f0c22049988cbc8072ec
SSDEEP

3072:mQdT2ulb9jzsR41QWP4at++lc802eS5pAd:tF9oR41Nltflc852

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a5dd64d94e3bc2edc0145f3d8b8afe768ac02e463e5f100590e6c642cd50ea86
- Size
  
  128KB
- MD5
  
  be26a33718dfad3e747e3c3d0fd12237
- SHA1
  
  5e5d62d00695357481e1c75cd702409ce7dc2009
- SHA256
  
  a5dd64d94e3bc2edc0145f3d8b8afe768ac02e463e5f100590e6c642cd50ea86
- SHA512
  
  797808ef2c3bb4934bf43bdc50643df39f8ac0800bb9a703553b31cc56913b19bfd11987af37d3aab0fc9b0e410fc8a0d6ac161d8536f0c22049988cbc8072ec
- SSDEEP
  
  3072:mQdT2ulb9jzsR41QWP4at++lc802eS5pAd:tF9oR41Nltflc852
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2