ba11c7326f8311b1a2f67af77f9deb33e3eb4a5c1959f03cd2d3e22bad1221af | Triage

Sharing

General

Target

ba11c7326f8311b1a2f67af77f9deb33e3eb4a5c1959f03cd2d3e22bad1221af
Size

336KB
Sample

240726-c3rfdathlg
MD5

c2a3217bcd91eb6b5b73cea7f6fc315e
SHA1

c62a65a9dae9e84a39f86b5c5456d44936f0beec
SHA256

ba11c7326f8311b1a2f67af77f9deb33e3eb4a5c1959f03cd2d3e22bad1221af
SHA512

970f67e80427fb4181dbd980aabc599cc96d68d023985047651d2f3037041ae82867f6cb6e7cdc118d37ef3d3e5d0ca5bf6f6993dc49dec5945d63cefd4d0d27
SSDEEP

6144:fXaVPRX8Ly7aOl3BzrUmKyIxLfYeOO9UmKyIxLiajOE:fXk8W7aOlxzr3cOK3Taj

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ba11c7326f8311b1a2f67af77f9deb33e3eb4a5c1959f03cd2d3e22bad1221af
- Size
  
  336KB
- MD5
  
  c2a3217bcd91eb6b5b73cea7f6fc315e
- SHA1
  
  c62a65a9dae9e84a39f86b5c5456d44936f0beec
- SHA256
  
  ba11c7326f8311b1a2f67af77f9deb33e3eb4a5c1959f03cd2d3e22bad1221af
- SHA512
  
  970f67e80427fb4181dbd980aabc599cc96d68d023985047651d2f3037041ae82867f6cb6e7cdc118d37ef3d3e5d0ca5bf6f6993dc49dec5945d63cefd4d0d27
- SSDEEP
  
  6144:fXaVPRX8Ly7aOl3BzrUmKyIxLfYeOO9UmKyIxLiajOE:fXk8W7aOlxzr3cOK3Taj
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence