f37495676aa6c0634f83a925040639b1f910187f34b26bfb5c72d647afeae1b3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f37495676aa6c0634f83a925040639b1f910187f34b26bfb5c72d647afeae1b3
Size

364KB
Sample

240724-ffz1sayfnr
MD5

a7fd9cea4156ba23052c0191eff25a00
SHA1

f81d709b9371797527186acd253c67a8786fe515
SHA256

f37495676aa6c0634f83a925040639b1f910187f34b26bfb5c72d647afeae1b3
SHA512

b5f5a6e3fe2fa5b0bcc7e6d13ba18a8ea00fc025f6a69892edcb0212a50a7f2ed236b95564141511d2938e2d459b0505647008f97e297c20bea461e8642e5a6a
SSDEEP

6144:n/tFmEFCIsFj5tT3sFgPy1GukTgsFj5tT3sF:TD1s15tLsiPoGukks15tLs

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  f37495676aa6c0634f83a925040639b1f910187f34b26bfb5c72d647afeae1b3
- Size
  
  364KB
- MD5
  
  a7fd9cea4156ba23052c0191eff25a00
- SHA1
  
  f81d709b9371797527186acd253c67a8786fe515
- SHA256
  
  f37495676aa6c0634f83a925040639b1f910187f34b26bfb5c72d647afeae1b3
- SHA512
  
  b5f5a6e3fe2fa5b0bcc7e6d13ba18a8ea00fc025f6a69892edcb0212a50a7f2ed236b95564141511d2938e2d459b0505647008f97e297c20bea461e8642e5a6a
- SSDEEP
  
  6144:n/tFmEFCIsFj5tT3sFgPy1GukTgsFj5tT3sF:TD1s15tLsiPoGukks15tLs
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence