3f9fe6c472640cb02bca316d64df12c1faa9dc6e73b0cc5257ee971fcc224167 | Triage

Sharing

General

Target

3f9fe6c472640cb02bca316d64df12c1faa9dc6e73b0cc5257ee971fcc224167
Size

256KB
Sample

240509-zkl49sgh98
MD5

c25159fdcc5dfd1135b8fbad1a2ee5f4
SHA1

0842b5fa91744a62aedde0a2d44ca5d1f59d24c2
SHA256

3f9fe6c472640cb02bca316d64df12c1faa9dc6e73b0cc5257ee971fcc224167
SHA512

83e27ace1cf9e99927d636ae557ce4df424d710898fe8c39981e3309e2ef3bd97817b858644d4d1e7436ac25405c2755a95bc04cab35a0a1711054bcd21251f6
SSDEEP

6144:AMtyg66y8YvTLp103ETiZ0moGP/2dga1mcywM:AMFYpScXwuR1mKM

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3f9fe6c472640cb02bca316d64df12c1faa9dc6e73b0cc5257ee971fcc224167
- Size
  
  256KB
- MD5
  
  c25159fdcc5dfd1135b8fbad1a2ee5f4
- SHA1
  
  0842b5fa91744a62aedde0a2d44ca5d1f59d24c2
- SHA256
  
  3f9fe6c472640cb02bca316d64df12c1faa9dc6e73b0cc5257ee971fcc224167
- SHA512
  
  83e27ace1cf9e99927d636ae557ce4df424d710898fe8c39981e3309e2ef3bd97817b858644d4d1e7436ac25405c2755a95bc04cab35a0a1711054bcd21251f6
- SSDEEP
  
  6144:AMtyg66y8YvTLp103ETiZ0moGP/2dga1mcywM:AMFYpScXwuR1mKM
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2