fca7c0892597ddec439c86f082f9157210ff48c8e94817841ec213587402e278 | Triage

Sharing

General

Target

fca7c0892597ddec439c86f082f9157210ff48c8e94817841ec213587402e278
Size

463KB
Sample

240726-gmmjpszepl
MD5

0170866212b3619d841e75f6d18cd5ed
SHA1

739b16a4d9d9de3481f88ebdf9dddf0249ecc043
SHA256

fca7c0892597ddec439c86f082f9157210ff48c8e94817841ec213587402e278
SHA512

6816ea535dadad6d11f2d28c7ad9a5e790ad1184bdb8c61a1ba100bc832ff20a1cea10e1f130f841ed8d2aeab6442d757578ec3b8cca5551f2cfce3a55440198
SSDEEP

12288:Rs/18H/L4s5t6NSN6G5tb0fX5t6NSN6G5tTvz:Rs/16T4Dc6C0ec6gvz

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  fca7c0892597ddec439c86f082f9157210ff48c8e94817841ec213587402e278
- Size
  
  463KB
- MD5
  
  0170866212b3619d841e75f6d18cd5ed
- SHA1
  
  739b16a4d9d9de3481f88ebdf9dddf0249ecc043
- SHA256
  
  fca7c0892597ddec439c86f082f9157210ff48c8e94817841ec213587402e278
- SHA512
  
  6816ea535dadad6d11f2d28c7ad9a5e790ad1184bdb8c61a1ba100bc832ff20a1cea10e1f130f841ed8d2aeab6442d757578ec3b8cca5551f2cfce3a55440198
- SSDEEP
  
  12288:Rs/18H/L4s5t6NSN6G5tb0fX5t6NSN6G5tTvz:Rs/16T4Dc6C0ec6gvz
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence