a40c17406a5f508494fc2adbf6f8398998e88a63bb17704b4767cb1db8f2fa2c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a40c17406a5f508494fc2adbf6f8398998e88a63bb17704b4767cb1db8f2fa2c
Size

488KB
Sample

240514-ay7kpaca5s
MD5

153664331784b537506d003dc3e9dd36
SHA1

8c629ae9a3c8847cfcf69530ae054ca162fd3743
SHA256

a40c17406a5f508494fc2adbf6f8398998e88a63bb17704b4767cb1db8f2fa2c
SHA512

6a508106e2f5773d7057e0a39c980459dfd28b40a0b2be35cf43d59bb644756f8a13f75e8c7213b13dfbc61e6e53100dec276101c34eaf9fd0385145d09f5c03
SSDEEP

6144:OMcuapNC3iOuon/TNId/1fon/T9P7GSon/TNId/1fon/T2oI0YokOsfY7Uon2KO:vNIVyeNIVy2oIvPKiKO

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a40c17406a5f508494fc2adbf6f8398998e88a63bb17704b4767cb1db8f2fa2c
- Size
  
  488KB
- MD5
  
  153664331784b537506d003dc3e9dd36
- SHA1
  
  8c629ae9a3c8847cfcf69530ae054ca162fd3743
- SHA256
  
  a40c17406a5f508494fc2adbf6f8398998e88a63bb17704b4767cb1db8f2fa2c
- SHA512
  
  6a508106e2f5773d7057e0a39c980459dfd28b40a0b2be35cf43d59bb644756f8a13f75e8c7213b13dfbc61e6e53100dec276101c34eaf9fd0385145d09f5c03
- SSDEEP
  
  6144:OMcuapNC3iOuon/TNId/1fon/T9P7GSon/TNId/1fon/T2oI0YokOsfY7Uon2KO:vNIVyeNIVy2oIvPKiKO
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2