0ab5e0ef49e3591f2e208a709b82b8f5f0fd1e60dd5c9d8558eb5c8a72cb76c0 | Triage

Sharing

General

Target

0ab5e0ef49e3591f2e208a709b82b8f5f0fd1e60dd5c9d8558eb5c8a72cb76c0
Size

80KB
Sample

240725-w77gyaxblq
MD5

e7a52c65f71df5574cc02ff870ed162b
SHA1

6bdb1724eba821fbe4690d184e70d668da492ec4
SHA256

0ab5e0ef49e3591f2e208a709b82b8f5f0fd1e60dd5c9d8558eb5c8a72cb76c0
SHA512

c27d5b4e67b07731c0c149abdeec6b8125fee619ee111541404e6a18af57067326389249b8ba5d5813bb30ded864b3f89ef95c8b9eeee26e3fad80cd52e76cf5
SSDEEP

1536:I/X4wPGssaRwDggL22bR3UbZItMQcn0FSXr8WQqXRqnUGRQABR/RgpMujAYC+O+Y:VnD3BR3U6HCn73Qqh9GekVqLAYC+O+Y

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0ab5e0ef49e3591f2e208a709b82b8f5f0fd1e60dd5c9d8558eb5c8a72cb76c0
- Size
  
  80KB
- MD5
  
  e7a52c65f71df5574cc02ff870ed162b
- SHA1
  
  6bdb1724eba821fbe4690d184e70d668da492ec4
- SHA256
  
  0ab5e0ef49e3591f2e208a709b82b8f5f0fd1e60dd5c9d8558eb5c8a72cb76c0
- SHA512
  
  c27d5b4e67b07731c0c149abdeec6b8125fee619ee111541404e6a18af57067326389249b8ba5d5813bb30ded864b3f89ef95c8b9eeee26e3fad80cd52e76cf5
- SSDEEP
  
  1536:I/X4wPGssaRwDggL22bR3UbZItMQcn0FSXr8WQqXRqnUGRQABR/RgpMujAYC+O+Y:VnD3BR3U6HCn73Qqh9GekVqLAYC+O+Y
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence