21a59694b66af46a2d7aff5cf21ccc7b4a520c3f16c90fd93de9a66a81ef19fd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21a59694b66af46a2d7aff5cf21ccc7b4a520c3f16c90fd93de9a66a81ef19fd.exe
Size

96KB
Sample

240704-an2lpatfqr
MD5

e26f1f5d18bc3dcae13b21b3fb35f100
SHA1

ed9e652e0e82fb519e93a558a89748edf868bea7
SHA256

21a59694b66af46a2d7aff5cf21ccc7b4a520c3f16c90fd93de9a66a81ef19fd
SHA512

e84d4c2af3a801c83b033097f3d0b62d423c122c10b6218f5345069e62e3dfae67d060064e0b8fcad740fb1544fc66b9761ed8fa255ff8f3bdfe3b80f67662c0
SSDEEP

1536:toXZVdvifHT1+LBds4MYJGbQPlGxgd1RQ+xR5R45WtqV9R2R462izMg3R7ih9:6VdMQ9eLbQ4S1e+xHrtG9MW3+3l29

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  21a59694b66af46a2d7aff5cf21ccc7b4a520c3f16c90fd93de9a66a81ef19fd.exe
- Size
  
  96KB
- MD5
  
  e26f1f5d18bc3dcae13b21b3fb35f100
- SHA1
  
  ed9e652e0e82fb519e93a558a89748edf868bea7
- SHA256
  
  21a59694b66af46a2d7aff5cf21ccc7b4a520c3f16c90fd93de9a66a81ef19fd
- SHA512
  
  e84d4c2af3a801c83b033097f3d0b62d423c122c10b6218f5345069e62e3dfae67d060064e0b8fcad740fb1544fc66b9761ed8fa255ff8f3bdfe3b80f67662c0
- SSDEEP
  
  1536:toXZVdvifHT1+LBds4MYJGbQPlGxgd1RQ+xR5R45WtqV9R2R462izMg3R7ih9:6VdMQ9eLbQ4S1e+xHrtG9MW3+3l29
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2