3f6f67cd3ffbdde356bb32cf337fe8c802692a7d5670dbb88e050c760044b22a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f6f67cd3ffbdde356bb32cf337fe8c802692a7d5670dbb88e050c760044b22a
Size

128KB
Sample

240701-zml72ssfpp
MD5

5fdef1679f56c0e3e7b7ed7ccc0542f3
SHA1

74d297a7e806aac1ca5563dcb71bf336c22edf6c
SHA256

3f6f67cd3ffbdde356bb32cf337fe8c802692a7d5670dbb88e050c760044b22a
SHA512

cea3879e9ef2210b920782553ad1ff09565e3af7afddf110ad539b135a4d31fc92364bb8869a9b671129b972444da9ef29029b5754ade4b141211c47b0b1e6ac
SSDEEP

3072:veyaH9jGH7+0fVENedw0v0wnJcefSXQHPTTAkvB5DdcgFM9o:Wyk6H7luQPtnJfKXqPTX7D7FMm

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3f6f67cd3ffbdde356bb32cf337fe8c802692a7d5670dbb88e050c760044b22a
- Size
  
  128KB
- MD5
  
  5fdef1679f56c0e3e7b7ed7ccc0542f3
- SHA1
  
  74d297a7e806aac1ca5563dcb71bf336c22edf6c
- SHA256
  
  3f6f67cd3ffbdde356bb32cf337fe8c802692a7d5670dbb88e050c760044b22a
- SHA512
  
  cea3879e9ef2210b920782553ad1ff09565e3af7afddf110ad539b135a4d31fc92364bb8869a9b671129b972444da9ef29029b5754ade4b141211c47b0b1e6ac
- SSDEEP
  
  3072:veyaH9jGH7+0fVENedw0v0wnJcefSXQHPTTAkvB5DdcgFM9o:Wyk6H7luQPtnJfKXqPTX7D7FMm
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2