5996a7f6f8b11d8c404eba3c01f57c73e69e7c3141e27dc36096fa8930c9e15a | Triage

Sharing

General

Target

2da4aa1eb6b55e91c0711dadb1e4ca80N.exe
Size

2.7MB
Sample

240726-tvhlyasfje
MD5

2da4aa1eb6b55e91c0711dadb1e4ca80
SHA1

df82440d5340a4a7f34b701f6bfdb0399e476438
SHA256

5996a7f6f8b11d8c404eba3c01f57c73e69e7c3141e27dc36096fa8930c9e15a
SHA512

dd921389cd3d8758fc3534681cbb80f215839b3822129f3bdfaf35d4627de4bec5140dccea0d5a517170cf21d470939940d2c8099a3872a3e36531c258d9ba9b
SSDEEP

49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LBQ9w4Sx:+R0pI/IQlUoMPdmpSpK4

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  2da4aa1eb6b55e91c0711dadb1e4ca80N.exe
- Size
  
  2.7MB
- MD5
  
  2da4aa1eb6b55e91c0711dadb1e4ca80
- SHA1
  
  df82440d5340a4a7f34b701f6bfdb0399e476438
- SHA256
  
  5996a7f6f8b11d8c404eba3c01f57c73e69e7c3141e27dc36096fa8930c9e15a
- SHA512
  
  dd921389cd3d8758fc3534681cbb80f215839b3822129f3bdfaf35d4627de4bec5140dccea0d5a517170cf21d470939940d2c8099a3872a3e36531c258d9ba9b
- SSDEEP
  
  49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LBQ9w4Sx:+R0pI/IQlUoMPdmpSpK4
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence