d91b531302824f79440d89c39e2051e773e317139757bf251c92bf0607d70dbe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1d06c18bb8f20c8fc9ce54ba9cc4c80N.exe
Size

206KB
Sample

240715-nvzbssvcqn
MD5

d1d06c18bb8f20c8fc9ce54ba9cc4c80
SHA1

3ba3a5d14a3f2a84a15902b028c85a7667a92f55
SHA256

d91b531302824f79440d89c39e2051e773e317139757bf251c92bf0607d70dbe
SHA512

5d6621ae24473ff26a01a0da2b01a2b77110d37031bdbf484a846d11c31586981104efd3e3d1b6422bdcf60167a1311eedb584849884a4c9df7fdce6f33f2d59
SSDEEP

1536:/fsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbJd4Z:/VqoCl/YgjxEufVU0TbTyDDalb4Z

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  d1d06c18bb8f20c8fc9ce54ba9cc4c80N.exe
- Size
  
  206KB
- MD5
  
  d1d06c18bb8f20c8fc9ce54ba9cc4c80
- SHA1
  
  3ba3a5d14a3f2a84a15902b028c85a7667a92f55
- SHA256
  
  d91b531302824f79440d89c39e2051e773e317139757bf251c92bf0607d70dbe
- SHA512
  
  5d6621ae24473ff26a01a0da2b01a2b77110d37031bdbf484a846d11c31586981104efd3e3d1b6422bdcf60167a1311eedb584849884a4c9df7fdce6f33f2d59
- SSDEEP
  
  1536:/fsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbJd4Z:/VqoCl/YgjxEufVU0TbTyDDalb4Z
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence