8393ff0418668e8df2ffd9ce5c7e8280f9d5f7e45a1f91f72ccc65c05d8219e0 | Triage

Sharing

General

Target

8393ff0418668e8df2ffd9ce5c7e8280f9d5f7e45a1f91f72ccc65c05d8219e0
Size

128KB
Sample

240723-3rkfssyfka
MD5

f6b11d2295eb6a9de3a10b6f28cfb6ab
SHA1

d0efb461a5d4fcc8bc7f8b1bba8aebadad4663d8
SHA256

8393ff0418668e8df2ffd9ce5c7e8280f9d5f7e45a1f91f72ccc65c05d8219e0
SHA512

cafd6667efce2b4f56fc96123b85b11d14df0ba10588c7d387a985a449ac52b17b23d32890a067d299c11240176a1d09f9ad60bd68d0e0db5081aca50015ea2e
SSDEEP

3072:61DNUAgQAcLXBXWw8asCHNhMXi6Y0HYSx9m9jqLsFmp:SSAgQTLtW2xUS6UJjws6

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8393ff0418668e8df2ffd9ce5c7e8280f9d5f7e45a1f91f72ccc65c05d8219e0
- Size
  
  128KB
- MD5
  
  f6b11d2295eb6a9de3a10b6f28cfb6ab
- SHA1
  
  d0efb461a5d4fcc8bc7f8b1bba8aebadad4663d8
- SHA256
  
  8393ff0418668e8df2ffd9ce5c7e8280f9d5f7e45a1f91f72ccc65c05d8219e0
- SHA512
  
  cafd6667efce2b4f56fc96123b85b11d14df0ba10588c7d387a985a449ac52b17b23d32890a067d299c11240176a1d09f9ad60bd68d0e0db5081aca50015ea2e
- SSDEEP
  
  3072:61DNUAgQAcLXBXWw8asCHNhMXi6Y0HYSx9m9jqLsFmp:SSAgQTLtW2xUS6UJjws6
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence