c52e55d927dfa1050e327681f4bb6c326e140c8d1f6b15cdec935ed9eaa32024 | Triage

Sharing

General

Target

run-scanvirus-startup.exe
Size

91KB
Sample

240520-3fwdxsba47
MD5

66c623e47a13b30a3064a180a19dd1af
SHA1

81b685fb44e1fcdb8a761a309a67c54efe9ec3fb
SHA256

c52e55d927dfa1050e327681f4bb6c326e140c8d1f6b15cdec935ed9eaa32024
SHA512

9d3fd5aba0d847ff0f2ae455079d52085fa8a6eae524b5ae6914e21aca9ef84cdd363824ed5198164bcb526750f1615ef1670053624fe74f34c0706e12ede2bc
SSDEEP

1536:X7fbN3eEDhDPA/pICdUkbBtW7upvaLU0bI5taxKo0IOlnToIf8wWAOc:L7DhdC6kzWypvaQ0FxyNTBf85I

Score

8^/10

execution persistence

Malware Config

Targets

- Target
  
  run-scanvirus-startup.exe
- Size
  
  91KB
- MD5
  
  66c623e47a13b30a3064a180a19dd1af
- SHA1
  
  81b685fb44e1fcdb8a761a309a67c54efe9ec3fb
- SHA256
  
  c52e55d927dfa1050e327681f4bb6c326e140c8d1f6b15cdec935ed9eaa32024
- SHA512
  
  9d3fd5aba0d847ff0f2ae455079d52085fa8a6eae524b5ae6914e21aca9ef84cdd363824ed5198164bcb526750f1615ef1670053624fe74f34c0706e12ede2bc
- SSDEEP
  
  1536:X7fbN3eEDhDPA/pICdUkbBtW7upvaLU0bI5taxKo0IOlnToIf8wWAOc:L7DhdC6kzWypvaQ0FxyNTBf85I
Score

8^/10

execution persistence
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence

behavioral2