02af9634c4b4370e4ab26381145291963a071d928b8e8fef9e9a8e6dd018e1a5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02af9634c4b4370e4ab26381145291963a071d928b8e8fef9e9a8e6dd018e1a5
Size

30KB
Sample

240619-ws2yxawara
MD5

4bf7024e69a6c40395ea696d5d2855cc
SHA1

f18fa66ab1b15661d4282203abe4660ec95a2774
SHA256

02af9634c4b4370e4ab26381145291963a071d928b8e8fef9e9a8e6dd018e1a5
SHA512

b80898b5d6575bb73afe6691952a4b0987ca926ea5f372dd98e0966b327828b5b9172a9674debb776c6f86504c5c2a6124f80d9ed09f189969e371895530543f
SSDEEP

768:PVEHJqjHyGvwFylDpulVSQJrE/2QmlCYZUTC91A4X:PH2nylslwHCCL

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  02af9634c4b4370e4ab26381145291963a071d928b8e8fef9e9a8e6dd018e1a5
- Size
  
  30KB
- MD5
  
  4bf7024e69a6c40395ea696d5d2855cc
- SHA1
  
  f18fa66ab1b15661d4282203abe4660ec95a2774
- SHA256
  
  02af9634c4b4370e4ab26381145291963a071d928b8e8fef9e9a8e6dd018e1a5
- SHA512
  
  b80898b5d6575bb73afe6691952a4b0987ca926ea5f372dd98e0966b327828b5b9172a9674debb776c6f86504c5c2a6124f80d9ed09f189969e371895530543f
- SSDEEP
  
  768:PVEHJqjHyGvwFylDpulVSQJrE/2QmlCYZUTC91A4X:PH2nylslwHCCL
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2