5c1b7f37b8fae2ee1e0f0748f470cb1894e87caa7878c43654e7c4df937e2d8d | Triage

Sharing

General

Target

5c1b7f37b8fae2ee1e0f0748f470cb1894e87caa7878c43654e7c4df937e2d8d.exe
Size

240KB
Sample

240522-3wfcmsdh56
MD5

0f43ba235fc46af3613bb88b6045e170
SHA1

c258e62045b0b096d93d2d4ec5e7de0f1bef5f80
SHA256

5c1b7f37b8fae2ee1e0f0748f470cb1894e87caa7878c43654e7c4df937e2d8d
SHA512

ae649bd52d7648d52228200f66cd927a97b7015a80a1368df6d32ba3a4afcd4cef9b62b35955ab873dd9b77f2e02ecfccddfbe7b71830b8f2919e7c6e9f088a6
SSDEEP

6144:Cck4WVKe15RH39/GzzehGyZ6YugQdjGG1wsKm6eBgdQbkoKTBEA:CckvKe15x39YzuGyXu1jGG1wsGeBgRT3

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  5c1b7f37b8fae2ee1e0f0748f470cb1894e87caa7878c43654e7c4df937e2d8d.exe
- Size
  
  240KB
- MD5
  
  0f43ba235fc46af3613bb88b6045e170
- SHA1
  
  c258e62045b0b096d93d2d4ec5e7de0f1bef5f80
- SHA256
  
  5c1b7f37b8fae2ee1e0f0748f470cb1894e87caa7878c43654e7c4df937e2d8d
- SHA512
  
  ae649bd52d7648d52228200f66cd927a97b7015a80a1368df6d32ba3a4afcd4cef9b62b35955ab873dd9b77f2e02ecfccddfbe7b71830b8f2919e7c6e9f088a6
- SSDEEP
  
  6144:Cck4WVKe15RH39/GzzehGyZ6YugQdjGG1wsKm6eBgdQbkoKTBEA:CckvKe15x39YzuGyXu1jGG1wsGeBgRT3
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2