ca4e7ff21fe7270e0b0807a22b90f29ba332a13c0eb98ea1d36668ea3d9d7da8 | Triage

Sharing

General

Target

ca4e7ff21fe7270e0b0807a22b90f29ba332a13c0eb98ea1d36668ea3d9d7da8
Size

192KB
Sample

240711-gevkcathjc
MD5

eb3a6c847f2846f9a29f19fc32853484
SHA1

2523a3f4c66a9a44370e59125615a3be99a6b244
SHA256

ca4e7ff21fe7270e0b0807a22b90f29ba332a13c0eb98ea1d36668ea3d9d7da8
SHA512

c19bb4c0af32757cac08da00e7bd45b8693424e1f4f01b474cbaf4478b2f32ec0c66effacece931464a3da4bce7c42bdcf1d8cb9ac077fd760c593d91c0cc4cd
SSDEEP

3072:SojNNvF4D+7zhYp++F3v7OICGUeHr4MKy3G7UEqMM6T9pui6yYPaI7DehizrVtNB:tNdFB7zhYp+Qv7OINUndpui6yYPaIGcn

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ca4e7ff21fe7270e0b0807a22b90f29ba332a13c0eb98ea1d36668ea3d9d7da8
- Size
  
  192KB
- MD5
  
  eb3a6c847f2846f9a29f19fc32853484
- SHA1
  
  2523a3f4c66a9a44370e59125615a3be99a6b244
- SHA256
  
  ca4e7ff21fe7270e0b0807a22b90f29ba332a13c0eb98ea1d36668ea3d9d7da8
- SHA512
  
  c19bb4c0af32757cac08da00e7bd45b8693424e1f4f01b474cbaf4478b2f32ec0c66effacece931464a3da4bce7c42bdcf1d8cb9ac077fd760c593d91c0cc4cd
- SSDEEP
  
  3072:SojNNvF4D+7zhYp++F3v7OICGUeHr4MKy3G7UEqMM6T9pui6yYPaI7DehizrVtNB:tNdFB7zhYp+Qv7OINUndpui6yYPaIGcn
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2