0ab5e53166c0a43a608f29012cae1d8f3fc595b7cc627b68fef47cff7e6d8244 | Triage

Sharing

General

Target

057cb3db46651f881bfd293cb7e5c0d0N.exe
Size

165KB
Sample

240721-y3hn5avfmn
MD5

057cb3db46651f881bfd293cb7e5c0d0
SHA1

7bcde8aa2e205c3a4b033247730b3e7b959c8786
SHA256

0ab5e53166c0a43a608f29012cae1d8f3fc595b7cc627b68fef47cff7e6d8244
SHA512

ac5b78d3d72bf0c9cc07c027065d393f86034d7dee16f2c9d4c7a2988980e8c5c3085b4d523435ef156bc7e983ef56b8028d4c11e9fdff1ca27edde32448b96d
SSDEEP

3072:Jup/KaCja+FV8rPJWANROJT3vQfEdArGzHq+egM5bylnO/hZP:JYKaCkhNoJbQMdArGzHregqgnO

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  057cb3db46651f881bfd293cb7e5c0d0N.exe
- Size
  
  165KB
- MD5
  
  057cb3db46651f881bfd293cb7e5c0d0
- SHA1
  
  7bcde8aa2e205c3a4b033247730b3e7b959c8786
- SHA256
  
  0ab5e53166c0a43a608f29012cae1d8f3fc595b7cc627b68fef47cff7e6d8244
- SHA512
  
  ac5b78d3d72bf0c9cc07c027065d393f86034d7dee16f2c9d4c7a2988980e8c5c3085b4d523435ef156bc7e983ef56b8028d4c11e9fdff1ca27edde32448b96d
- SSDEEP
  
  3072:Jup/KaCja+FV8rPJWANROJT3vQfEdArGzHq+egM5bylnO/hZP:JYKaCkhNoJbQMdArGzHregqgnO
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2