3ce2deed846543f4b039f43c99406ad949053816d492761c271bb796e32d5e7a | Triage

Sharing

General

Target

3ce2deed846543f4b039f43c99406ad949053816d492761c271bb796e32d5e7a
Size

40.8MB
Sample

240609-3p43eshb94
MD5

4e518b01f1a03136dd9add70b1896771
SHA1

5067bf77aa4237d8af1f32bcf1290f2ac93df50c
SHA256

3ce2deed846543f4b039f43c99406ad949053816d492761c271bb796e32d5e7a
SHA512

31f7b845fd787a7b05f481f8fec4cb9a9915e062e79d6896e96704c85b48e4dad4f3fcf2b4f92924e5f1c360af5dd71f37602b1cdfadf590814c2c1cff581298
SSDEEP

786432:U4XcPJcRbQxx6Ed3MBFAFUqq63budRfPY73B:rXWJ2ux6YMoq63bsRfPY73B

Score

8^/10

execution persistence

Malware Config

Targets

- Target
  
  3ce2deed846543f4b039f43c99406ad949053816d492761c271bb796e32d5e7a
- Size
  
  40.8MB
- MD5
  
  4e518b01f1a03136dd9add70b1896771
- SHA1
  
  5067bf77aa4237d8af1f32bcf1290f2ac93df50c
- SHA256
  
  3ce2deed846543f4b039f43c99406ad949053816d492761c271bb796e32d5e7a
- SHA512
  
  31f7b845fd787a7b05f481f8fec4cb9a9915e062e79d6896e96704c85b48e4dad4f3fcf2b4f92924e5f1c360af5dd71f37602b1cdfadf590814c2c1cff581298
- SSDEEP
  
  786432:U4XcPJcRbQxx6Ed3MBFAFUqq63budRfPY73B:rXWJ2ux6YMoq63bsRfPY73B
Score

8^/10

execution persistence
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Creates new service(s)
  persistence execution
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence

behavioral2

executionpersistence