4ea31ee12f89148280a26ad4e25dd119fdbd0c40ecae195cb3788147c42472d6 | Triage

Sharing

General

Target

b7ea265b1049bc6a8c467d29526017c0N.exe
Size

464KB
Sample

240723-pthhbszejk
MD5

b7ea265b1049bc6a8c467d29526017c0
SHA1

617ca2353b27c400b5602e9cbb1883d194c01517
SHA256

4ea31ee12f89148280a26ad4e25dd119fdbd0c40ecae195cb3788147c42472d6
SHA512

a9b94b0a19c31dfb71af37fe785aff0951b307cf3707d340c6c19366df3acc82fc1c177cbd91203e1b33f6d54a830f4be3be7705bc2acb56e1d00c7e2574601f
SSDEEP

12288:GKlc87eqqV5e+wBV6O+yikBAKQPIVFMkO5AF3xarC:GKSqqHeVBxvBA/IV9O5AF3xaW

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  b7ea265b1049bc6a8c467d29526017c0N.exe
- Size
  
  464KB
- MD5
  
  b7ea265b1049bc6a8c467d29526017c0
- SHA1
  
  617ca2353b27c400b5602e9cbb1883d194c01517
- SHA256
  
  4ea31ee12f89148280a26ad4e25dd119fdbd0c40ecae195cb3788147c42472d6
- SHA512
  
  a9b94b0a19c31dfb71af37fe785aff0951b307cf3707d340c6c19366df3acc82fc1c177cbd91203e1b33f6d54a830f4be3be7705bc2acb56e1d00c7e2574601f
- SSDEEP
  
  12288:GKlc87eqqV5e+wBV6O+yikBAKQPIVFMkO5AF3xarC:GKSqqHeVBxvBA/IV9O5AF3xaW
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2