4ed28df9a109c30149f9cc700d849d43b6d7dda9b54c59b04829f9b48349ab3d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ed28df9a109c30149f9cc700d849d43b6d7dda9b54c59b04829f9b48349ab3d
Size

67KB
Sample

240726-1lxg3azdkh
MD5

aa190f5506d7a5e0fc47b235939ab3f5
SHA1

c065797f55143894fbe0dede9aa3b7cd3445018d
SHA256

4ed28df9a109c30149f9cc700d849d43b6d7dda9b54c59b04829f9b48349ab3d
SHA512

49ae18b1e489aae8c6f3b769b03a254616919dc3207fee72d6afe4248d22eb293e4591076e8f1577ad17812de36d310ab1ba79165709135fe07865bace89f7ca
SSDEEP

1536:C36Ij1XNK3Kr4ftkUOLAOMfRcE1evqrXXQ7JhtViH1cgCe8uC:W6mWFkUBO+RDvDg7n7iHugCe8uC

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  4ed28df9a109c30149f9cc700d849d43b6d7dda9b54c59b04829f9b48349ab3d
- Size
  
  67KB
- MD5
  
  aa190f5506d7a5e0fc47b235939ab3f5
- SHA1
  
  c065797f55143894fbe0dede9aa3b7cd3445018d
- SHA256
  
  4ed28df9a109c30149f9cc700d849d43b6d7dda9b54c59b04829f9b48349ab3d
- SHA512
  
  49ae18b1e489aae8c6f3b769b03a254616919dc3207fee72d6afe4248d22eb293e4591076e8f1577ad17812de36d310ab1ba79165709135fe07865bace89f7ca
- SSDEEP
  
  1536:C36Ij1XNK3Kr4ftkUOLAOMfRcE1evqrXXQ7JhtViH1cgCe8uC:W6mWFkUBO+RDvDg7n7iHugCe8uC
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence