490abdd38ede660b5d7bf832f887884840f007b41e1682de86141b5acc01bbf7 | Triage

Sharing

General

Target

e898eca29a80a90dc080efda283ad1c0N.exe
Size

188KB
Sample

240725-wpsaasyfpf
MD5

e898eca29a80a90dc080efda283ad1c0
SHA1

3bc8b6da66d60a40c13eb763d40ebc7b797048fa
SHA256

490abdd38ede660b5d7bf832f887884840f007b41e1682de86141b5acc01bbf7
SHA512

e014325be53d5fa534ee3fa6d17bc722d05161793c672a0c16564023e60083a2a10f4e63d85d0457da9eca284f0f10b07168158d305c839b72f2b53d531a46f5
SSDEEP

3072:TbHdyUQ9Do5J+FJCk1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSKrDco:l5Q9D6+FJCk1AelhEN4MujGJoSoDco

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  e898eca29a80a90dc080efda283ad1c0N.exe
- Size
  
  188KB
- MD5
  
  e898eca29a80a90dc080efda283ad1c0
- SHA1
  
  3bc8b6da66d60a40c13eb763d40ebc7b797048fa
- SHA256
  
  490abdd38ede660b5d7bf832f887884840f007b41e1682de86141b5acc01bbf7
- SHA512
  
  e014325be53d5fa534ee3fa6d17bc722d05161793c672a0c16564023e60083a2a10f4e63d85d0457da9eca284f0f10b07168158d305c839b72f2b53d531a46f5
- SSDEEP
  
  3072:TbHdyUQ9Do5J+FJCk1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSKrDco:l5Q9D6+FJCk1AelhEN4MujGJoSoDco
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence