70cbc3b9bd4d3293cc362b98df5c8181864e73189ded2dcb6fd954a518c4ea17 | Triage

Sharing

General

Target

70cbc3b9bd4d3293cc362b98df5c8181864e73189ded2dcb6fd954a518c4ea17
Size

391KB
Sample

240727-3qk1yayckh
MD5

b9be494be146a497a1ddf4cd7de54526
SHA1

1aad678236e65fa53002c7363eac385a9555f5e1
SHA256

70cbc3b9bd4d3293cc362b98df5c8181864e73189ded2dcb6fd954a518c4ea17
SHA512

e119d957b3518e595abe548033265b77b5195a6c86a54d2acf784e5a5d7d25f148189ee63431e2608957671873d1ebc7ef73d14019fa6f15062202f0cf76e770
SSDEEP

12288:VHSqT9XvEhdfJkKSkU3kHyuaRB5t6k0IJogZ+SZE:VD9XvEhdfJkKSkU3kHyuaRB5t6k0IJon

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  70cbc3b9bd4d3293cc362b98df5c8181864e73189ded2dcb6fd954a518c4ea17
- Size
  
  391KB
- MD5
  
  b9be494be146a497a1ddf4cd7de54526
- SHA1
  
  1aad678236e65fa53002c7363eac385a9555f5e1
- SHA256
  
  70cbc3b9bd4d3293cc362b98df5c8181864e73189ded2dcb6fd954a518c4ea17
- SHA512
  
  e119d957b3518e595abe548033265b77b5195a6c86a54d2acf784e5a5d7d25f148189ee63431e2608957671873d1ebc7ef73d14019fa6f15062202f0cf76e770
- SSDEEP
  
  12288:VHSqT9XvEhdfJkKSkU3kHyuaRB5t6k0IJogZ+SZE:VD9XvEhdfJkKSkU3kHyuaRB5t6k0IJon
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence