d2580c6ed6d3704b57ebfb8cfee67acafb939583c66d4739694b0b496031c829 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2580c6ed6d3704b57ebfb8cfee67acafb939583c66d4739694b0b496031c829
Size

80KB
Sample

240519-295n1sgd62
MD5

8a99078692a512ce6cc5364636f5b72c
SHA1

e98f667d96ba0ff57640f314a151e50da7b50d19
SHA256

d2580c6ed6d3704b57ebfb8cfee67acafb939583c66d4739694b0b496031c829
SHA512

4de671dc1a62d2712aaea4b2f11e32407d2b2958c55e9f102aadd127121a1885ae8342268937791b7c4fe87a2e6098df12fbe68000164eca3cb56ea8bcbedac0
SSDEEP

1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOaRibZ+:GhfxHNIreQm+HiVRUk

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  d2580c6ed6d3704b57ebfb8cfee67acafb939583c66d4739694b0b496031c829
- Size
  
  80KB
- MD5
  
  8a99078692a512ce6cc5364636f5b72c
- SHA1
  
  e98f667d96ba0ff57640f314a151e50da7b50d19
- SHA256
  
  d2580c6ed6d3704b57ebfb8cfee67acafb939583c66d4739694b0b496031c829
- SHA512
  
  4de671dc1a62d2712aaea4b2f11e32407d2b2958c55e9f102aadd127121a1885ae8342268937791b7c4fe87a2e6098df12fbe68000164eca3cb56ea8bcbedac0
- SSDEEP
  
  1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOaRibZ+:GhfxHNIreQm+HiVRUk
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2