b928b3ae6999864a0213a08d2d9fb73b555e9cf663a07c708d74727c03db56b9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b928b3ae6999864a0213a08d2d9fb73b555e9cf663a07c708d74727c03db56b9
Size

42KB
Sample

240727-dbmtjssepj
MD5

e30618287fd017cd078d6625c83dbb2f
SHA1

9c505d0f6411dcb7924f36d9654ff2f671ff423c
SHA256

b928b3ae6999864a0213a08d2d9fb73b555e9cf663a07c708d74727c03db56b9
SHA512

d1e338bd89d7d5bf65f705e6ac9a2e3ee4b713d28bc1a8d70ac5672773f6d035ea4f6821612a50a9c3f73fcf6902878c0d7b7d1dc0607ff12968dc4e6702a6dd
SSDEEP

768:DqPJtsA6C1VqahohtgVRNToV7TtRu8rM0wYVFl2g5coW58dO0xXHV2EfKYfdhNhh:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYB

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  b928b3ae6999864a0213a08d2d9fb73b555e9cf663a07c708d74727c03db56b9
- Size
  
  42KB
- MD5
  
  e30618287fd017cd078d6625c83dbb2f
- SHA1
  
  9c505d0f6411dcb7924f36d9654ff2f671ff423c
- SHA256
  
  b928b3ae6999864a0213a08d2d9fb73b555e9cf663a07c708d74727c03db56b9
- SHA512
  
  d1e338bd89d7d5bf65f705e6ac9a2e3ee4b713d28bc1a8d70ac5672773f6d035ea4f6821612a50a9c3f73fcf6902878c0d7b7d1dc0607ff12968dc4e6702a6dd
- SSDEEP
  
  768:DqPJtsA6C1VqahohtgVRNToV7TtRu8rM0wYVFl2g5coW58dO0xXHV2EfKYfdhNhh:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYB
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence