496b49a565fa81b3116e621861861c0ee2a278d7902e1a0d2a2ca1d4796e9259 | Triage

Sharing

General

Target

496b49a565fa81b3116e621861861c0ee2a278d7902e1a0d2a2ca1d4796e9259.exe
Size

97KB
Sample

240704-nhermawelj
MD5

caa993ed55bfe224bb65ef12ca926530
SHA1

092a438ca7ac3cbc751be34339c99b1fd46db06d
SHA256

496b49a565fa81b3116e621861861c0ee2a278d7902e1a0d2a2ca1d4796e9259
SHA512

1312bb7f8dee92360cac0dcbedb0c318fcfc3edf525a2b814fe38aff420196f6b385a915682c29aabc0605bf06f8a1a5bdc072ad286a214933e994afbf724c1d
SSDEEP

1536:+Mv0rJtge+/UPUDL5ftxxEQ/dRJrFAknW+6bUwoV4dss35WJUhs/ia7/4Ln17dva:1kW/RtfCQ/fJr6UD4Ln171JXeK6

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  496b49a565fa81b3116e621861861c0ee2a278d7902e1a0d2a2ca1d4796e9259.exe
- Size
  
  97KB
- MD5
  
  caa993ed55bfe224bb65ef12ca926530
- SHA1
  
  092a438ca7ac3cbc751be34339c99b1fd46db06d
- SHA256
  
  496b49a565fa81b3116e621861861c0ee2a278d7902e1a0d2a2ca1d4796e9259
- SHA512
  
  1312bb7f8dee92360cac0dcbedb0c318fcfc3edf525a2b814fe38aff420196f6b385a915682c29aabc0605bf06f8a1a5bdc072ad286a214933e994afbf724c1d
- SSDEEP
  
  1536:+Mv0rJtge+/UPUDL5ftxxEQ/dRJrFAknW+6bUwoV4dss35WJUhs/ia7/4Ln17dva:1kW/RtfCQ/fJr6UD4Ln171JXeK6
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2