16564607eb89d1576cde29250ce7f159d162805c6700ad4de66f67f9d3fef73b | Triage

Sharing

General

Target

16564607eb89d1576cde29250ce7f159d162805c6700ad4de66f67f9d3fef73b
Size

320KB
Sample

240627-xsnxqawaqh
MD5

da6dcb07241129048227a5e01b107287
SHA1

af3544bbc31a95cd21fa24557aa87447f516ffb0
SHA256

16564607eb89d1576cde29250ce7f159d162805c6700ad4de66f67f9d3fef73b
SHA512

6374daefeafa48ea9c8a821e27fe6fd6cfa884572509a1338f0d07b7bfd69ad57036cc1c2a270009ca927a8a11fac3b1fde1547a0a57d89cf245cfad99cf891a
SSDEEP

6144:I8aDN1x9iT6xTOJLAYCtE07kli0KoCYtw2B0Ddu9szWfx09UBIUbPLwH/lLOUaR+:hgx9+6xTdYJ07kE0KoFtw2gu9RxrBIUC

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  16564607eb89d1576cde29250ce7f159d162805c6700ad4de66f67f9d3fef73b
- Size
  
  320KB
- MD5
  
  da6dcb07241129048227a5e01b107287
- SHA1
  
  af3544bbc31a95cd21fa24557aa87447f516ffb0
- SHA256
  
  16564607eb89d1576cde29250ce7f159d162805c6700ad4de66f67f9d3fef73b
- SHA512
  
  6374daefeafa48ea9c8a821e27fe6fd6cfa884572509a1338f0d07b7bfd69ad57036cc1c2a270009ca927a8a11fac3b1fde1547a0a57d89cf245cfad99cf891a
- SSDEEP
  
  6144:I8aDN1x9iT6xTOJLAYCtE07kli0KoCYtw2B0Ddu9szWfx09UBIUbPLwH/lLOUaR+:hgx9+6xTdYJ07kE0KoFtw2gu9RxrBIUC
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2