af74831d9c8e089aca0b932c4412f46226544c94fa4c3874ada390bb8cb00762 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af74831d9c8e089aca0b932c4412f46226544c94fa4c3874ada390bb8cb00762
Size

99KB
Sample

240710-dvk43atenk
MD5

7a480e23ab6e61cf5cf371860539edee
SHA1

a152ee60b795b47369000709f1539e91c81230e0
SHA256

af74831d9c8e089aca0b932c4412f46226544c94fa4c3874ada390bb8cb00762
SHA512

adb4bd9ea379e225e0934881aee38b583cc67282acf720ae7ffb6b12ee3ab6c18483f85998c929ea6e4710eb4d468b0015200bfbd8b6127d585ddebdb2383891
SSDEEP

3072:NprtpQLBB/F0Hzlycgc3HNuJeyzpwoTRBmDRGGurhUI:NdtpQ/d0ocgc3HQcJm7UI

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  af74831d9c8e089aca0b932c4412f46226544c94fa4c3874ada390bb8cb00762
- Size
  
  99KB
- MD5
  
  7a480e23ab6e61cf5cf371860539edee
- SHA1
  
  a152ee60b795b47369000709f1539e91c81230e0
- SHA256
  
  af74831d9c8e089aca0b932c4412f46226544c94fa4c3874ada390bb8cb00762
- SHA512
  
  adb4bd9ea379e225e0934881aee38b583cc67282acf720ae7ffb6b12ee3ab6c18483f85998c929ea6e4710eb4d468b0015200bfbd8b6127d585ddebdb2383891
- SSDEEP
  
  3072:NprtpQLBB/F0Hzlycgc3HNuJeyzpwoTRBmDRGGurhUI:NdtpQ/d0ocgc3HQcJm7UI
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2