eba4388023ac0cbc43e4f5c28899c3fba86e607cd4830077af2e68cad8e98cff | Triage

Sharing

General

Target

eba4388023ac0cbc43e4f5c28899c3fba86e607cd4830077af2e68cad8e98cff
Size

188KB
Sample

240711-jn54jswfpl
MD5

a96b61c3b25b145cea3aeffea2a3608d
SHA1

a643f9a0aeb620c0f3e225d2931f09b0191e9765
SHA256

eba4388023ac0cbc43e4f5c28899c3fba86e607cd4830077af2e68cad8e98cff
SHA512

4c941ca15620713f0c59f3c37f6d28a5835dd7ec19b894aacb77ddf1e839c1342a2f7ba5291042d7df9b13c1b3edca570cc4c933dd6767c5b5102190d12c7338
SSDEEP

3072:zvi1K1ZfUH7ADftMJlQ1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSKrDco:TX1Zs7ADftolQ1AelhEN4MujGJoSoDco

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  eba4388023ac0cbc43e4f5c28899c3fba86e607cd4830077af2e68cad8e98cff
- Size
  
  188KB
- MD5
  
  a96b61c3b25b145cea3aeffea2a3608d
- SHA1
  
  a643f9a0aeb620c0f3e225d2931f09b0191e9765
- SHA256
  
  eba4388023ac0cbc43e4f5c28899c3fba86e607cd4830077af2e68cad8e98cff
- SHA512
  
  4c941ca15620713f0c59f3c37f6d28a5835dd7ec19b894aacb77ddf1e839c1342a2f7ba5291042d7df9b13c1b3edca570cc4c933dd6767c5b5102190d12c7338
- SSDEEP
  
  3072:zvi1K1ZfUH7ADftMJlQ1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSKrDco:TX1Zs7ADftolQ1AelhEN4MujGJoSoDco
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2