89a5282d7a3ed4f3f7c53dbec788fec64f2aa6f6462f580ca2832311fecacde8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89a5282d7a3ed4f3f7c53dbec788fec64f2aa6f6462f580ca2832311fecacde8
Size

264KB
Sample

240711-bx6sfateng
MD5

f1c9b392bf7b5d78605d6c6a77fa26b6
SHA1

af67e52cbe322691a4e59c9831afec4a20eb8c3d
SHA256

89a5282d7a3ed4f3f7c53dbec788fec64f2aa6f6462f580ca2832311fecacde8
SHA512

f4382c966285695d1a63fc6a3f8b94356adcfeab33d75b7fb465db572e1441ca8978fa2314fd86fb795f37b723f8a01d85aa785aeaf6d147cae8c3902668fa48
SSDEEP

3072:PMUYlLeTcHBfxz24ho1mtye3lFDrFDHZtO8jJkiUi8ChpBhx5Zd424ho1mtye3lg:P4ReTcHb4sFj5tPNki9HZd1sFj5tw

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  89a5282d7a3ed4f3f7c53dbec788fec64f2aa6f6462f580ca2832311fecacde8
- Size
  
  264KB
- MD5
  
  f1c9b392bf7b5d78605d6c6a77fa26b6
- SHA1
  
  af67e52cbe322691a4e59c9831afec4a20eb8c3d
- SHA256
  
  89a5282d7a3ed4f3f7c53dbec788fec64f2aa6f6462f580ca2832311fecacde8
- SHA512
  
  f4382c966285695d1a63fc6a3f8b94356adcfeab33d75b7fb465db572e1441ca8978fa2314fd86fb795f37b723f8a01d85aa785aeaf6d147cae8c3902668fa48
- SSDEEP
  
  3072:PMUYlLeTcHBfxz24ho1mtye3lFDrFDHZtO8jJkiUi8ChpBhx5Zd424ho1mtye3lg:P4ReTcHb4sFj5tPNki9HZd1sFj5tw
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2