131737354fa9851c749328facb863eecd106cc0f8ca2841c05e6a0c9a468d80c | Triage

Sharing

General

Target

131737354fa9851c749328facb863eecd106cc0f8ca2841c05e6a0c9a468d80c
Size

82KB
Sample

240613-ye5hzssgkr
MD5

cb3e9ac089012bb811edc08abce1e35f
SHA1

c2f414df59586e332fd17f6f7e54cdf4e03aad6b
SHA256

131737354fa9851c749328facb863eecd106cc0f8ca2841c05e6a0c9a468d80c
SHA512

d65a49bc6bd7a92df1628d061c86433b76344000cbd1e511a02e0570de19cb7f824d94be10ea82b6a1ef0666c1a983bf1180e98d9a5443e062e83e767b170c22
SSDEEP

1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWO5a6M:GhfxHNIreQm+HiKa6M

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  131737354fa9851c749328facb863eecd106cc0f8ca2841c05e6a0c9a468d80c
- Size
  
  82KB
- MD5
  
  cb3e9ac089012bb811edc08abce1e35f
- SHA1
  
  c2f414df59586e332fd17f6f7e54cdf4e03aad6b
- SHA256
  
  131737354fa9851c749328facb863eecd106cc0f8ca2841c05e6a0c9a468d80c
- SHA512
  
  d65a49bc6bd7a92df1628d061c86433b76344000cbd1e511a02e0570de19cb7f824d94be10ea82b6a1ef0666c1a983bf1180e98d9a5443e062e83e767b170c22
- SSDEEP
  
  1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWO5a6M:GhfxHNIreQm+HiKa6M
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2