479cc6857b54a1aee0c1b79da4ec8eb23218f8b56955bcb47bd81803f11f0111 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

479cc6857b54a1aee0c1b79da4ec8eb23218f8b56955bcb47bd81803f11f0111
Size

512KB
Sample

240726-z9plpayfmf
MD5

997148e208d8e734c235e1e09d85b4c1
SHA1

f9bb601c75bbed239e3937588196610d27872e23
SHA256

479cc6857b54a1aee0c1b79da4ec8eb23218f8b56955bcb47bd81803f11f0111
SHA512

232286f14718ec2233fcae6a286f504fd895513f243df60730166647f89a6d8bc72d5161de233a87cafd550834e20eb193d5710ba8119a3a3e3e1fa99b1b74d5
SSDEEP

6144:dUQO9535rdQt383PQ///NR5fKr2n0MO3LPlkUCmVs5bPQ///NR5fjlt01PB93GxK:dUdYr/Ng1/Nblt01PBExK

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  479cc6857b54a1aee0c1b79da4ec8eb23218f8b56955bcb47bd81803f11f0111
- Size
  
  512KB
- MD5
  
  997148e208d8e734c235e1e09d85b4c1
- SHA1
  
  f9bb601c75bbed239e3937588196610d27872e23
- SHA256
  
  479cc6857b54a1aee0c1b79da4ec8eb23218f8b56955bcb47bd81803f11f0111
- SHA512
  
  232286f14718ec2233fcae6a286f504fd895513f243df60730166647f89a6d8bc72d5161de233a87cafd550834e20eb193d5710ba8119a3a3e3e1fa99b1b74d5
- SSDEEP
  
  6144:dUQO9535rdQt383PQ///NR5fKr2n0MO3LPlkUCmVs5bPQ///NR5fjlt01PB93GxK:dUdYr/Ng1/Nblt01PBExK
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence