df0c18cc61f32a02606fe0fbc6de8959a95f465ad2cb9175e1aa2849134c389b | Triage

Sharing

General

Target

df0c18cc61f32a02606fe0fbc6de8959a95f465ad2cb9175e1aa2849134c389b
Size

92KB
Sample

240727-fedq6ayaqr
MD5

d9abe8ce707fcdbda6c9a0bc9c9912ed
SHA1

3d7e19d69128139582c00f3d712733adcae7898f
SHA256

df0c18cc61f32a02606fe0fbc6de8959a95f465ad2cb9175e1aa2849134c389b
SHA512

c992db76ea36aea3d3650a55f24112015b00670feffc82746a30f378141a40e834a103112b7dbd076e1c56e3fb27e01f6bc6c3020354f8a7f8e533f6d2232ed6
SSDEEP

1536:oN1wEzLfR5n7KGoudu29PXyXuJCjXq+66DFUABABOVLefE3:U1wEx9QWp96XwCj6+JB8M3

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  df0c18cc61f32a02606fe0fbc6de8959a95f465ad2cb9175e1aa2849134c389b
- Size
  
  92KB
- MD5
  
  d9abe8ce707fcdbda6c9a0bc9c9912ed
- SHA1
  
  3d7e19d69128139582c00f3d712733adcae7898f
- SHA256
  
  df0c18cc61f32a02606fe0fbc6de8959a95f465ad2cb9175e1aa2849134c389b
- SHA512
  
  c992db76ea36aea3d3650a55f24112015b00670feffc82746a30f378141a40e834a103112b7dbd076e1c56e3fb27e01f6bc6c3020354f8a7f8e533f6d2232ed6
- SSDEEP
  
  1536:oN1wEzLfR5n7KGoudu29PXyXuJCjXq+66DFUABABOVLefE3:U1wEx9QWp96XwCj6+JB8M3
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence