cf18c98023e81cfcc2458225b1be345c20debf569bf8674a00577a96e90e75b1 | Triage

Sharing

General

Target

cf18c98023e81cfcc2458225b1be345c20debf569bf8674a00577a96e90e75b1
Size

235KB
Sample

240615-cr16fazcrp
MD5

0052da5dcb63ffc54f0c4fa95a40facd
SHA1

4b2c58b39e666e72801a4d861d7a8288ff5b0a4f
SHA256

cf18c98023e81cfcc2458225b1be345c20debf569bf8674a00577a96e90e75b1
SHA512

b6cb667789185eb8d87402732d67da326e828cbce5619eacc07d30fd61c6f33dfb04a8cf22decbb43b249be99741d8e2e8455c50afc4bd356def72e2e7efe029
SSDEEP

6144:jDneMfoKjSkemxM1Ad8ulrtMsQB+vn87L5A5:jbeMfoKjSkv+ERMsD/y1A5

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  cf18c98023e81cfcc2458225b1be345c20debf569bf8674a00577a96e90e75b1
- Size
  
  235KB
- MD5
  
  0052da5dcb63ffc54f0c4fa95a40facd
- SHA1
  
  4b2c58b39e666e72801a4d861d7a8288ff5b0a4f
- SHA256
  
  cf18c98023e81cfcc2458225b1be345c20debf569bf8674a00577a96e90e75b1
- SHA512
  
  b6cb667789185eb8d87402732d67da326e828cbce5619eacc07d30fd61c6f33dfb04a8cf22decbb43b249be99741d8e2e8455c50afc4bd356def72e2e7efe029
- SSDEEP
  
  6144:jDneMfoKjSkemxM1Ad8ulrtMsQB+vn87L5A5:jbeMfoKjSkv+ERMsD/y1A5
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2