fd0e3c6599f278b8f79892bc44b1ffcb26fd575a5d51f0d7849ab8b8faa201d7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd0e3c6599f278b8f79892bc44b1ffcb26fd575a5d51f0d7849ab8b8faa201d7
Size

482KB
Sample

240614-g46c5syble
MD5

fd464398f0673fc2233aa4212d4f8b1d
SHA1

b1213f98a027f11c7cd6afd8913e3aeb1d1fa6cf
SHA256

fd0e3c6599f278b8f79892bc44b1ffcb26fd575a5d51f0d7849ab8b8faa201d7
SHA512

ddcd7b14aa289f3e8b4b9b25e96441df5502c9709ea2a7a18b44d7292b7bf93408e7e086806a9b66d8bd80a45e9e4e0ad4b825a98829b7f6ea6517c008898a85
SSDEEP

6144:g+w7QXs/Ll+wGXAF2PbgKLVGFM6234lKm3mo8Yvi4KsLTFM6234lKm3:ghQKLMwGXAF5KLVGFB24lwR45FB24l

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  fd0e3c6599f278b8f79892bc44b1ffcb26fd575a5d51f0d7849ab8b8faa201d7
- Size
  
  482KB
- MD5
  
  fd464398f0673fc2233aa4212d4f8b1d
- SHA1
  
  b1213f98a027f11c7cd6afd8913e3aeb1d1fa6cf
- SHA256
  
  fd0e3c6599f278b8f79892bc44b1ffcb26fd575a5d51f0d7849ab8b8faa201d7
- SHA512
  
  ddcd7b14aa289f3e8b4b9b25e96441df5502c9709ea2a7a18b44d7292b7bf93408e7e086806a9b66d8bd80a45e9e4e0ad4b825a98829b7f6ea6517c008898a85
- SSDEEP
  
  6144:g+w7QXs/Ll+wGXAF2PbgKLVGFM6234lKm3mo8Yvi4KsLTFM6234lKm3:ghQKLMwGXAF5KLVGFB24lwR45FB24l
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2