General
-
Target
a8b6655d6632057bfb64eb43d9bd3c00N.exe
-
Size
479KB
-
Sample
240721-l1czmsyapf
-
MD5
a8b6655d6632057bfb64eb43d9bd3c00
-
SHA1
f830f5b262a47dcc4a56f7d9117c33d7edc68a5d
-
SHA256
cfef5b9a74db7c0abd81069caee13ee3f57347a8f4d68c6781b0fba072302bde
-
SHA512
ebb41e09e9963934fa4f4441e1372fa27a8748852b894c1630f76470245b95b2a16fab4562aa8791e8a928e62be396306c90823191c870ffe86e5c02d208dbe5
-
SSDEEP
12288:ntKe6Zv23YeC1zApdxHLMLa/NcDoAWmojaygBWL05e9:76Zv2lTdOLyNa4aygBc
Malware Config
Targets
-
-
Target
a8b6655d6632057bfb64eb43d9bd3c00N.exe
-
Size
479KB
-
MD5
a8b6655d6632057bfb64eb43d9bd3c00
-
SHA1
f830f5b262a47dcc4a56f7d9117c33d7edc68a5d
-
SHA256
cfef5b9a74db7c0abd81069caee13ee3f57347a8f4d68c6781b0fba072302bde
-
SHA512
ebb41e09e9963934fa4f4441e1372fa27a8748852b894c1630f76470245b95b2a16fab4562aa8791e8a928e62be396306c90823191c870ffe86e5c02d208dbe5
-
SSDEEP
12288:ntKe6Zv23YeC1zApdxHLMLa/NcDoAWmojaygBWL05e9:76Zv2lTdOLyNa4aygBc
Score8/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1