b682d77171ec45b49c12193f5d83d1f0e1d2c7db6bcc54758a245427037ae516 | Triage

Sharing

General

Target

b682d77171ec45b49c12193f5d83d1f0e1d2c7db6bcc54758a245427037ae516
Size

246KB
Sample

240520-cczztsec56
MD5

da58ff3aaf6e99d70b13dc6a0d126402
SHA1

a731287be39f3b7b9977295f184ec8488353d5da
SHA256

b682d77171ec45b49c12193f5d83d1f0e1d2c7db6bcc54758a245427037ae516
SHA512

985aa981ccdb6f774b593a118546aa644d6c12d58a11a8ca2a8e759ff193116455b22321b3acf98e746761d2f40f6441a7cd7d2c7a49ede3314b42d48a65155a
SSDEEP

3072:rE+UNCmcFD/j3zfDcnr/j37PzHLfDXbvTnr/j37PzHLfDXbvTnr/j37PzHLfbvc2:rEvCFKUL2B1xBm102VQlterS9HrX

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  b682d77171ec45b49c12193f5d83d1f0e1d2c7db6bcc54758a245427037ae516
- Size
  
  246KB
- MD5
  
  da58ff3aaf6e99d70b13dc6a0d126402
- SHA1
  
  a731287be39f3b7b9977295f184ec8488353d5da
- SHA256
  
  b682d77171ec45b49c12193f5d83d1f0e1d2c7db6bcc54758a245427037ae516
- SHA512
  
  985aa981ccdb6f774b593a118546aa644d6c12d58a11a8ca2a8e759ff193116455b22321b3acf98e746761d2f40f6441a7cd7d2c7a49ede3314b42d48a65155a
- SSDEEP
  
  3072:rE+UNCmcFD/j3zfDcnr/j37PzHLfDXbvTnr/j37PzHLfDXbvTnr/j37PzHLfbvc2:rEvCFKUL2B1xBm102VQlterS9HrX
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2