3f4c5ea8ea5ce4d7c480e23c3fa2c5a94a3cb26003e69d2332cb68e26a3dc678 | Triage

Sharing

General

Target

3f4c5ea8ea5ce4d7c480e23c3fa2c5a94a3cb26003e69d2332cb68e26a3dc678
Size

128KB
Sample

240603-zgb5wsgg41
MD5

a0ae9e266da0ef6cd10f231dc278d8ae
SHA1

50eeedefeb6a4a16dc2e40ef29b5d75917ad958c
SHA256

3f4c5ea8ea5ce4d7c480e23c3fa2c5a94a3cb26003e69d2332cb68e26a3dc678
SHA512

2ee77323e99da1eac3705b93bf094d1a671d60e2fda86d4a3c877b7e16973e6cabfb35a0fd8c11d1e55eaf42660c9c9b554a61c48c88e237f1abcb19a1f0a27a
SSDEEP

3072:UtybiyQQUymCmxQCH08uFafmHURHAVgnvedh6:VADCm+CH08uF8YU8gnve7

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3f4c5ea8ea5ce4d7c480e23c3fa2c5a94a3cb26003e69d2332cb68e26a3dc678
- Size
  
  128KB
- MD5
  
  a0ae9e266da0ef6cd10f231dc278d8ae
- SHA1
  
  50eeedefeb6a4a16dc2e40ef29b5d75917ad958c
- SHA256
  
  3f4c5ea8ea5ce4d7c480e23c3fa2c5a94a3cb26003e69d2332cb68e26a3dc678
- SHA512
  
  2ee77323e99da1eac3705b93bf094d1a671d60e2fda86d4a3c877b7e16973e6cabfb35a0fd8c11d1e55eaf42660c9c9b554a61c48c88e237f1abcb19a1f0a27a
- SSDEEP
  
  3072:UtybiyQQUymCmxQCH08uFafmHURHAVgnvedh6:VADCm+CH08uF8YU8gnve7
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2