6ec1d2f802b6f69a029210411da9141a630467ac7cf29ed67f4184f148089719 | Triage

Sharing

General

Target

6ec1d2f802b6f69a029210411da9141a630467ac7cf29ed67f4184f148089719.exe
Size

280KB
Sample

240523-bz66zsha84
MD5

0539ff67afad4db255b04d766ffded90
SHA1

6016381dfa81f5186aac252f06b8e88bb4bd6a4d
SHA256

6ec1d2f802b6f69a029210411da9141a630467ac7cf29ed67f4184f148089719
SHA512

ff70279f72ae879e524c49af4ae5d3fd49364e36149a2a38ec27db832956d47b010394b87d056ccf94f535a26d6bd9de60f7b6cb103ac932b435d4ee48effba4
SSDEEP

6144:IkwBM3zuwq5i/GOORjMmRUoooooooooooooooooooooooooy/G3:Ij6uw8i//OVLCoooooooooooooooooo0

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  6ec1d2f802b6f69a029210411da9141a630467ac7cf29ed67f4184f148089719.exe
- Size
  
  280KB
- MD5
  
  0539ff67afad4db255b04d766ffded90
- SHA1
  
  6016381dfa81f5186aac252f06b8e88bb4bd6a4d
- SHA256
  
  6ec1d2f802b6f69a029210411da9141a630467ac7cf29ed67f4184f148089719
- SHA512
  
  ff70279f72ae879e524c49af4ae5d3fd49364e36149a2a38ec27db832956d47b010394b87d056ccf94f535a26d6bd9de60f7b6cb103ac932b435d4ee48effba4
- SSDEEP
  
  6144:IkwBM3zuwq5i/GOORjMmRUoooooooooooooooooooooooooy/G3:Ij6uw8i//OVLCoooooooooooooooooo0
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2