cff3d15370976be4c949f0316ae271b64bad2d3441a7b1db5f2e639dd4002d98 | Triage

Sharing

General

Target

cff3d15370976be4c949f0316ae271b64bad2d3441a7b1db5f2e639dd4002d98
Size

367KB
Sample

240505-e7ctwsfb4t
MD5

c3e355fdd467327000672a0282b3cb5a
SHA1

39beb1c8ffa98e3493c9441e45b934fadb27959d
SHA256

cff3d15370976be4c949f0316ae271b64bad2d3441a7b1db5f2e639dd4002d98
SHA512

731bd5598372f8fff72f2bf4ba794e4e68a50d6c963cc70c69af3dbcaa6eea97d3f75f636ec357e68a83af23040d805dff2c26fbe6c12dbdde40d016addcba26
SSDEEP

6144:W7mtca3t/+XvXtnJfKXqPTX7D7FM6234lKm3mo8Yvi4KsLTFM6234lKm3cM9:W7tShatJCXqP77D7FB24lwR45FB24lqM

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  cff3d15370976be4c949f0316ae271b64bad2d3441a7b1db5f2e639dd4002d98
- Size
  
  367KB
- MD5
  
  c3e355fdd467327000672a0282b3cb5a
- SHA1
  
  39beb1c8ffa98e3493c9441e45b934fadb27959d
- SHA256
  
  cff3d15370976be4c949f0316ae271b64bad2d3441a7b1db5f2e639dd4002d98
- SHA512
  
  731bd5598372f8fff72f2bf4ba794e4e68a50d6c963cc70c69af3dbcaa6eea97d3f75f636ec357e68a83af23040d805dff2c26fbe6c12dbdde40d016addcba26
- SSDEEP
  
  6144:W7mtca3t/+XvXtnJfKXqPTX7D7FM6234lKm3mo8Yvi4KsLTFM6234lKm3cM9:W7tShatJCXqP77D7FB24lwR45FB24lqM
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2