ce733bb2df06d37ef3c99d36b8cb748cbc9ba587ce070181e91590ebb1d15961 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce733bb2df06d37ef3c99d36b8cb748cbc9ba587ce070181e91590ebb1d15961
Size

2.7MB
Sample

240620-dzpyta1amk
MD5

5e5a15b5627466639b6776613b53c174
SHA1

8e29923230d7f4043934b7c5106af6f5bfdf6a8e
SHA256

ce733bb2df06d37ef3c99d36b8cb748cbc9ba587ce070181e91590ebb1d15961
SHA512

f1e2a38a42ebc8f494daecbb7135b2cf139f77d302ed5cffd3b1f00be0ac98c182117ad25203cacaa058166604f2ab400293cb8a2f8be40f35ac6f28783325e3
SSDEEP

49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LB49w4Sx:+R0pI/IQlUoMPdmpSp64

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  ce733bb2df06d37ef3c99d36b8cb748cbc9ba587ce070181e91590ebb1d15961
- Size
  
  2.7MB
- MD5
  
  5e5a15b5627466639b6776613b53c174
- SHA1
  
  8e29923230d7f4043934b7c5106af6f5bfdf6a8e
- SHA256
  
  ce733bb2df06d37ef3c99d36b8cb748cbc9ba587ce070181e91590ebb1d15961
- SHA512
  
  f1e2a38a42ebc8f494daecbb7135b2cf139f77d302ed5cffd3b1f00be0ac98c182117ad25203cacaa058166604f2ab400293cb8a2f8be40f35ac6f28783325e3
- SSDEEP
  
  49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LB49w4Sx:+R0pI/IQlUoMPdmpSp64
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2