dde91a5497d8caf6fd852bb85f3fa9c343c1ed615ee059e0b2fb01d7556fb8bc | Triage

Sharing

General

Target

dde91a5497d8caf6fd852bb85f3fa9c343c1ed615ee059e0b2fb01d7556fb8bc
Size

128KB
Sample

240727-fbwgssxhnr
MD5

2f85c892a4d9e047980f6a6f2e2e713f
SHA1

3f4e8bb17e83320641ec795e3712fc2592afa587
SHA256

dde91a5497d8caf6fd852bb85f3fa9c343c1ed615ee059e0b2fb01d7556fb8bc
SHA512

46df949f157a8f30c028d57c54cc26a287e24639b341f935b1d94b9968b421347324e4fd2e0797afa07b9876304cb9809b0ee1bb73bb3c786b1bd3afaad31eaf
SSDEEP

3072:eWrzvVWuoMGJ9IDlRxyhTbhgu+tAcrbFAJc+i:vrxWuoMGsDshsrtMk

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  dde91a5497d8caf6fd852bb85f3fa9c343c1ed615ee059e0b2fb01d7556fb8bc
- Size
  
  128KB
- MD5
  
  2f85c892a4d9e047980f6a6f2e2e713f
- SHA1
  
  3f4e8bb17e83320641ec795e3712fc2592afa587
- SHA256
  
  dde91a5497d8caf6fd852bb85f3fa9c343c1ed615ee059e0b2fb01d7556fb8bc
- SHA512
  
  46df949f157a8f30c028d57c54cc26a287e24639b341f935b1d94b9968b421347324e4fd2e0797afa07b9876304cb9809b0ee1bb73bb3c786b1bd3afaad31eaf
- SSDEEP
  
  3072:eWrzvVWuoMGJ9IDlRxyhTbhgu+tAcrbFAJc+i:vrxWuoMGsDshsrtMk
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence