18a0dc3743a6d5322cbff2f3adc8fbe3299c308adfbe4025dca164470aa31e02 | Triage

Sharing

General

Target

explorer.bin
Size

135KB
Sample

240531-mr8wdsff63
MD5

28788445ac7f9bf8c9abbae84df847ca
SHA1

996e750a8b34bc225c29baab8d908980932303df
SHA256

18a0dc3743a6d5322cbff2f3adc8fbe3299c308adfbe4025dca164470aa31e02
SHA512

b09a39957c29672cd8d610ebc51bf904e5d90a16d64b47c2ac24038c5ae8d43167cf8bfb1f8c364d0e5603261550d2e644a8e6964441774fbc75e0fd8dcb3fb4
SSDEEP

1536:XfsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbgWV:XVqoCl/YgjxEufVU0TbTyDDalVV

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  explorer.bin
- Size
  
  135KB
- MD5
  
  28788445ac7f9bf8c9abbae84df847ca
- SHA1
  
  996e750a8b34bc225c29baab8d908980932303df
- SHA256
  
  18a0dc3743a6d5322cbff2f3adc8fbe3299c308adfbe4025dca164470aa31e02
- SHA512
  
  b09a39957c29672cd8d610ebc51bf904e5d90a16d64b47c2ac24038c5ae8d43167cf8bfb1f8c364d0e5603261550d2e644a8e6964441774fbc75e0fd8dcb3fb4
- SSDEEP
  
  1536:XfsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbgWV:XVqoCl/YgjxEufVU0TbTyDDalVV
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence

behavioral3

evasionpersistence

behavioral4

evasionpersistence