ee4358b5ed4a4ad2c9a46fa7efb51c99de5b77686406eac22b26b1e7087f9c8f | Triage

Sharing

General

Target

ee4358b5ed4a4ad2c9a46fa7efb51c99de5b77686406eac22b26b1e7087f9c8f
Size

390KB
Sample

240726-f2f5ssydlk
MD5

507e836ead8a7f61002f26ddb7f59bb1
SHA1

0a874cfb444e8ebd0d056b8b086ab6385d9b3847
SHA256

ee4358b5ed4a4ad2c9a46fa7efb51c99de5b77686406eac22b26b1e7087f9c8f
SHA512

e51bbc7f179eb429f63d88c8cff2b85a9966a5565c31efdd8337c61173282d6861946c19d9a6cf7083b8576b47a74b01e6c9d2bcf05875a37a76dd9997c9d184
SSDEEP

6144:GN3A/xship72Bz66b+X0RjtdgOPAUvgkNRgdgOPAUvgkG:Pxs8p72EUngEiM2gEif

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ee4358b5ed4a4ad2c9a46fa7efb51c99de5b77686406eac22b26b1e7087f9c8f
- Size
  
  390KB
- MD5
  
  507e836ead8a7f61002f26ddb7f59bb1
- SHA1
  
  0a874cfb444e8ebd0d056b8b086ab6385d9b3847
- SHA256
  
  ee4358b5ed4a4ad2c9a46fa7efb51c99de5b77686406eac22b26b1e7087f9c8f
- SHA512
  
  e51bbc7f179eb429f63d88c8cff2b85a9966a5565c31efdd8337c61173282d6861946c19d9a6cf7083b8576b47a74b01e6c9d2bcf05875a37a76dd9997c9d184
- SSDEEP
  
  6144:GN3A/xship72Bz66b+X0RjtdgOPAUvgkNRgdgOPAUvgkG:Pxs8p72EUngEiM2gEif
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence