a1fd1c0c96634b2e7bf313dc875ce676703f8d67a0d0349045cec60ebf1c84f3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1fd1c0c96634b2e7bf313dc875ce676703f8d67a0d0349045cec60ebf1c84f3
Size

100KB
Sample

240521-cglb8seh9w
MD5

aff057120dd1d236fb1dbe2bf0813d5a
SHA1

c6dc48042c606fc0c4506f2bdb99d7862b4c0869
SHA256

a1fd1c0c96634b2e7bf313dc875ce676703f8d67a0d0349045cec60ebf1c84f3
SHA512

15e60e489698bbd491d3477a4c197df4976f530c4c367c0c8f057fec398a61552ee0c9b7ec5d0c553e7fb5a519991ee2389416f9e0f55f80d2c96467a38dc306
SSDEEP

1536:wRiwE14IxDku2ON+sh150eL3lqTCCp1VLVkrG5OHnYYYYYYYYYYYYYYYYYYYYYYd:ISC3Q/hX0ilqTtP1ur27nuMFR8n5j8YD

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a1fd1c0c96634b2e7bf313dc875ce676703f8d67a0d0349045cec60ebf1c84f3
- Size
  
  100KB
- MD5
  
  aff057120dd1d236fb1dbe2bf0813d5a
- SHA1
  
  c6dc48042c606fc0c4506f2bdb99d7862b4c0869
- SHA256
  
  a1fd1c0c96634b2e7bf313dc875ce676703f8d67a0d0349045cec60ebf1c84f3
- SHA512
  
  15e60e489698bbd491d3477a4c197df4976f530c4c367c0c8f057fec398a61552ee0c9b7ec5d0c553e7fb5a519991ee2389416f9e0f55f80d2c96467a38dc306
- SSDEEP
  
  1536:wRiwE14IxDku2ON+sh150eL3lqTCCp1VLVkrG5OHnYYYYYYYYYYYYYYYYYYYYYYd:ISC3Q/hX0ilqTtP1ur27nuMFR8n5j8YD
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2