5812a7e318c46918d0287095e9c8fd1175b7bc82d8aa14dcee17e7c0d01458b0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae90b2df2c9b5c1100d8c7db051b8b70N.exe
Size

16KB
Sample

240727-kbaybawhpp
MD5

ae90b2df2c9b5c1100d8c7db051b8b70
SHA1

dfd2fdf67a1e49f9fcea8e86ea27afed6bbdb275
SHA256

5812a7e318c46918d0287095e9c8fd1175b7bc82d8aa14dcee17e7c0d01458b0
SHA512

533397345179db60b60369315efba9f5180c8aeda8ce96f4e6b3f145ecb81fcae3a6fec2cf821ba7be2a4b1a64a995ce4e54cd62fc539bb87480c14aa0c83e5d
SSDEEP

384:xEtFJRvA1uyN15sDBvkb1Asp8zB/cxel7ul:itFJRIuyzyvAel7ul

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  ae90b2df2c9b5c1100d8c7db051b8b70N.exe
- Size
  
  16KB
- MD5
  
  ae90b2df2c9b5c1100d8c7db051b8b70
- SHA1
  
  dfd2fdf67a1e49f9fcea8e86ea27afed6bbdb275
- SHA256
  
  5812a7e318c46918d0287095e9c8fd1175b7bc82d8aa14dcee17e7c0d01458b0
- SHA512
  
  533397345179db60b60369315efba9f5180c8aeda8ce96f4e6b3f145ecb81fcae3a6fec2cf821ba7be2a4b1a64a995ce4e54cd62fc539bb87480c14aa0c83e5d
- SSDEEP
  
  384:xEtFJRvA1uyN15sDBvkb1Asp8zB/cxel7ul:itFJRIuyzyvAel7ul
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence