95da0fccd8782a2b84562320bbe4fb441893d95980cb898f56337a0bc983a0c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95da0fccd8782a2b84562320bbe4fb441893d95980cb898f56337a0bc983a0c5
Size

52KB
Sample

240724-as5h5s1bjb
MD5

da1404b81f29a8999bb4a8c29cb0a674
SHA1

495c66414997cfc3d3f7b1175a0f40283afcff93
SHA256

95da0fccd8782a2b84562320bbe4fb441893d95980cb898f56337a0bc983a0c5
SHA512

c58fc1fed3cb2be405b1483d51122c8c42a340a1d9da06ea476e33b1ddd5c1fe01dba9e1994535cd6cd337f174c3815aa48aac7039719e95240ff98cfe8fadbd
SSDEEP

768:ockldnqQVnfD8W9uju4sZ7Cv1akVPuNedhcKLSvtKTGe9WzOGSHtG//1H5F/sRdg:o3l9VfH46CdaqLSRM9SSHoRc5MAdKZ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  95da0fccd8782a2b84562320bbe4fb441893d95980cb898f56337a0bc983a0c5
- Size
  
  52KB
- MD5
  
  da1404b81f29a8999bb4a8c29cb0a674
- SHA1
  
  495c66414997cfc3d3f7b1175a0f40283afcff93
- SHA256
  
  95da0fccd8782a2b84562320bbe4fb441893d95980cb898f56337a0bc983a0c5
- SHA512
  
  c58fc1fed3cb2be405b1483d51122c8c42a340a1d9da06ea476e33b1ddd5c1fe01dba9e1994535cd6cd337f174c3815aa48aac7039719e95240ff98cfe8fadbd
- SSDEEP
  
  768:ockldnqQVnfD8W9uju4sZ7Cv1akVPuNedhcKLSvtKTGe9WzOGSHtG//1H5F/sRdg:o3l9VfH46CdaqLSRM9SSHoRc5MAdKZ
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence