4f9e06ec00a935a224a9ab84a8b0fb2dff436842e0f6d6734e9f437df98f40c0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4f9e06ec00a935a224a9ab84a8b0fb2dff436842e0f6d6734e9f437df98f40c0
Size

234KB
Sample

240727-11hx8a1cmk
MD5

53f05c6be48814705b599e8a4a817439
SHA1

ce39b1af28e3ff5c7354e68955dc3339adfb3d40
SHA256

4f9e06ec00a935a224a9ab84a8b0fb2dff436842e0f6d6734e9f437df98f40c0
SHA512

bbad81fb23bdc9d870b00743105478cd736196c269b7d75b054fd48201cfe916107b30fadfd79f8aa6284d13c1bb991adc59b414ae70f620e33b44502565c80b
SSDEEP

6144:dONDj2eyvtPyNJh6EdIffHYSygzB0cDTx:dONeeHTAEdIfvll9lDT

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  4f9e06ec00a935a224a9ab84a8b0fb2dff436842e0f6d6734e9f437df98f40c0
- Size
  
  234KB
- MD5
  
  53f05c6be48814705b599e8a4a817439
- SHA1
  
  ce39b1af28e3ff5c7354e68955dc3339adfb3d40
- SHA256
  
  4f9e06ec00a935a224a9ab84a8b0fb2dff436842e0f6d6734e9f437df98f40c0
- SHA512
  
  bbad81fb23bdc9d870b00743105478cd736196c269b7d75b054fd48201cfe916107b30fadfd79f8aa6284d13c1bb991adc59b414ae70f620e33b44502565c80b
- SSDEEP
  
  6144:dONDj2eyvtPyNJh6EdIffHYSygzB0cDTx:dONeeHTAEdIfvll9lDT
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence