973250230731e616a4daf1e4eb931794b54bb3616fd461dbec09bd856d9c5eb2 | Triage

Sharing

General

Target

d10cfa40626073334e1f2fdff932e7b0N.exe
Size

448KB
Sample

240725-ptvgwsyfqq
MD5

d10cfa40626073334e1f2fdff932e7b0
SHA1

0f8711f7021f8c8568c663c766fbf09407b1d347
SHA256

973250230731e616a4daf1e4eb931794b54bb3616fd461dbec09bd856d9c5eb2
SHA512

d76c29ab126673bcec1855102281049ef5b8137a12ccef22280331d89e2d22a6368dc782f5786e8e88b1f50d7cba861160be0b0b78ed807580e4fd677ca01924
SSDEEP

6144:EkFAIPQ///NR5fLYG3eujPQ///NR5fqZo4tjS6Y:ZK/NcZ7/NC64tm6Y

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d10cfa40626073334e1f2fdff932e7b0N.exe
- Size
  
  448KB
- MD5
  
  d10cfa40626073334e1f2fdff932e7b0
- SHA1
  
  0f8711f7021f8c8568c663c766fbf09407b1d347
- SHA256
  
  973250230731e616a4daf1e4eb931794b54bb3616fd461dbec09bd856d9c5eb2
- SHA512
  
  d76c29ab126673bcec1855102281049ef5b8137a12ccef22280331d89e2d22a6368dc782f5786e8e88b1f50d7cba861160be0b0b78ed807580e4fd677ca01924
- SSDEEP
  
  6144:EkFAIPQ///NR5fLYG3eujPQ///NR5fqZo4tjS6Y:ZK/NcZ7/NC64tm6Y
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence