8db9812e231d40e58700ca33ce44a0671d2dfdfb32184e7a36ee5ee0b03d193b | Triage

Sharing

General

Target

ad47f07d53c5d6b65ad20b91dea1f900N.exe
Size

364KB
Sample

240727-j48vdaygmf
MD5

ad47f07d53c5d6b65ad20b91dea1f900
SHA1

353361802f5795ec59d84f3ca1f7796056ccae21
SHA256

8db9812e231d40e58700ca33ce44a0671d2dfdfb32184e7a36ee5ee0b03d193b
SHA512

a7ebf95909a3c41b8948ce64136e3e337269011da646bccf9a5ce6f64951a0203f04e48b3a0d581f508c19aad101d31c35f96ba62a62825268af569ff1217aee
SSDEEP

3072:IgyksoVn24ho1mtye3lFDrFDHZtOga24ho1mtye3l9vOQV5PxkABq24ho1mtye34:p0sFj5tT3sFpzvHsFj5tT3sF

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ad47f07d53c5d6b65ad20b91dea1f900N.exe
- Size
  
  364KB
- MD5
  
  ad47f07d53c5d6b65ad20b91dea1f900
- SHA1
  
  353361802f5795ec59d84f3ca1f7796056ccae21
- SHA256
  
  8db9812e231d40e58700ca33ce44a0671d2dfdfb32184e7a36ee5ee0b03d193b
- SHA512
  
  a7ebf95909a3c41b8948ce64136e3e337269011da646bccf9a5ce6f64951a0203f04e48b3a0d581f508c19aad101d31c35f96ba62a62825268af569ff1217aee
- SSDEEP
  
  3072:IgyksoVn24ho1mtye3lFDrFDHZtOga24ho1mtye3l9vOQV5PxkABq24ho1mtye34:p0sFj5tT3sFpzvHsFj5tT3sF
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence