4f4b1d9cc611f03e295b3a1edc9cca236c4949be356424f8d1c08e1df77d70a7 | Triage

Sharing

General

Target

c3fa5b0033ae5e45eab0d0cdd98ae720N.exe
Size

64KB
Sample

240725-m5srbsvdrr
MD5

c3fa5b0033ae5e45eab0d0cdd98ae720
SHA1

150c2d6a5ec515095f36cba539bc3e932d34093e
SHA256

4f4b1d9cc611f03e295b3a1edc9cca236c4949be356424f8d1c08e1df77d70a7
SHA512

050ddbb16e54d2a3ff8e74bdcdb09853e8f004e8c70c3dbe13f40c3282c0ff4e00b2a84fcfc23372c9560c4e327ba0f63aac0210e631e7616c5881860e25607d
SSDEEP

768:HCYQpTH71fIEMr+a6o8JW9IwTj/s+nK6y5l0YoA3e2p/1H5AXdnh0Usb0DWBi:HipTb1fIZr+R9qI49nK6NA3e2LkrDWBi

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c3fa5b0033ae5e45eab0d0cdd98ae720N.exe
- Size
  
  64KB
- MD5
  
  c3fa5b0033ae5e45eab0d0cdd98ae720
- SHA1
  
  150c2d6a5ec515095f36cba539bc3e932d34093e
- SHA256
  
  4f4b1d9cc611f03e295b3a1edc9cca236c4949be356424f8d1c08e1df77d70a7
- SHA512
  
  050ddbb16e54d2a3ff8e74bdcdb09853e8f004e8c70c3dbe13f40c3282c0ff4e00b2a84fcfc23372c9560c4e327ba0f63aac0210e631e7616c5881860e25607d
- SSDEEP
  
  768:HCYQpTH71fIEMr+a6o8JW9IwTj/s+nK6y5l0YoA3e2p/1H5AXdnh0Usb0DWBi:HipTb1fIZr+R9qI49nK6NA3e2LkrDWBi
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence