816b06180df61ee8ce62aceeb62b8241863e8e1ef9f4e0145037fd344ab2aaba | Triage

Sharing

General

Target

816b06180df61ee8ce62aceeb62b8241863e8e1ef9f4e0145037fd344ab2aaba
Size

217KB
Sample

240708-ats7hatdpq
MD5

5b5ceac128744a8e0d9cd337674a5f31
SHA1

fb0bef5b8d34a8a4cd0cb545fb4e9f372a5ae747
SHA256

816b06180df61ee8ce62aceeb62b8241863e8e1ef9f4e0145037fd344ab2aaba
SHA512

61a00b12bfc43d301991091e4125e76e5001ae3ceaee37595508f7387017cf259ef77fbb2723b1dd55f6c377a4e1bbd092031b2375c619217fbf83f283021ac8
SSDEEP

3072:ILBNMvzQJPH8JrG5POr6mnaLeS5pAgYIqGvJ6887lbyMGjXF1kqaholmtbCQVD:ILb4zWVHmaLdZMGXF5ahdt3

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  816b06180df61ee8ce62aceeb62b8241863e8e1ef9f4e0145037fd344ab2aaba
- Size
  
  217KB
- MD5
  
  5b5ceac128744a8e0d9cd337674a5f31
- SHA1
  
  fb0bef5b8d34a8a4cd0cb545fb4e9f372a5ae747
- SHA256
  
  816b06180df61ee8ce62aceeb62b8241863e8e1ef9f4e0145037fd344ab2aaba
- SHA512
  
  61a00b12bfc43d301991091e4125e76e5001ae3ceaee37595508f7387017cf259ef77fbb2723b1dd55f6c377a4e1bbd092031b2375c619217fbf83f283021ac8
- SSDEEP
  
  3072:ILBNMvzQJPH8JrG5POr6mnaLeS5pAgYIqGvJ6887lbyMGjXF1kqaholmtbCQVD:ILb4zWVHmaLdZMGXF5ahdt3
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2