d94704356d193cb7e271da4ff6f1e36722ce4508b0ea9d8768a4c59b43fba131 | Triage

Sharing

General

Target

d94704356d193cb7e271da4ff6f1e36722ce4508b0ea9d8768a4c59b43fba131
Size

520KB
Sample

240604-ee2ybach25
MD5

4cd048efbfcbfcf4d7c411bdad4afa7f
SHA1

492565cd6833e366dc27971722388152ffecc905
SHA256

d94704356d193cb7e271da4ff6f1e36722ce4508b0ea9d8768a4c59b43fba131
SHA512

5b723fa17f05003fe232b91af4c5ef6b4ee491bde5e115a14d62c42e915360d37e97184dac32ba852cb872131a7cb1081db6e87365f8158b7bb280d165122fec
SSDEEP

6144:Ki05kH9OyU2uv5SRf/FWgFgtBgqIRAUW9kVYeVprU4wfhTv5xD2ZP0GVGdXcukT4:VrHGPv5Smpt6DmUWuVZkxikdXcq

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  d94704356d193cb7e271da4ff6f1e36722ce4508b0ea9d8768a4c59b43fba131
- Size
  
  520KB
- MD5
  
  4cd048efbfcbfcf4d7c411bdad4afa7f
- SHA1
  
  492565cd6833e366dc27971722388152ffecc905
- SHA256
  
  d94704356d193cb7e271da4ff6f1e36722ce4508b0ea9d8768a4c59b43fba131
- SHA512
  
  5b723fa17f05003fe232b91af4c5ef6b4ee491bde5e115a14d62c42e915360d37e97184dac32ba852cb872131a7cb1081db6e87365f8158b7bb280d165122fec
- SSDEEP
  
  6144:Ki05kH9OyU2uv5SRf/FWgFgtBgqIRAUW9kVYeVprU4wfhTv5xD2ZP0GVGdXcukT4:VrHGPv5Smpt6DmUWuVZkxikdXcq
Score

7^/10

persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2