1f8cc2994750965ba1e85f20d5a9e101954e0370c386a4f2d4953d0577c01e51 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6fca21a3ca8c5a90081e7a2c55cda80N.exe
Size

280KB
Sample

240727-mja96axdjh
MD5

b6fca21a3ca8c5a90081e7a2c55cda80
SHA1

ad764dc7b5db7276007b3a6d560ccd6326ab82ac
SHA256

1f8cc2994750965ba1e85f20d5a9e101954e0370c386a4f2d4953d0577c01e51
SHA512

75e95b162c7ccf0dfa47625152df93d0e242034d700e947d6d78947a7f1d831844425b092d136388cd8d060c2e6909e4b0430aa1eb3b6583482d2353d5c8aca7
SSDEEP

6144:yusrTjZsfpn9hci/GOORjMmRUoooooooooooooooooooooooooy/G3:T6yn9+i//OVLCoooooooooooooooooo0

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b6fca21a3ca8c5a90081e7a2c55cda80N.exe
- Size
  
  280KB
- MD5
  
  b6fca21a3ca8c5a90081e7a2c55cda80
- SHA1
  
  ad764dc7b5db7276007b3a6d560ccd6326ab82ac
- SHA256
  
  1f8cc2994750965ba1e85f20d5a9e101954e0370c386a4f2d4953d0577c01e51
- SHA512
  
  75e95b162c7ccf0dfa47625152df93d0e242034d700e947d6d78947a7f1d831844425b092d136388cd8d060c2e6909e4b0430aa1eb3b6583482d2353d5c8aca7
- SSDEEP
  
  6144:yusrTjZsfpn9hci/GOORjMmRUoooooooooooooooooooooooooy/G3:T6yn9+i//OVLCoooooooooooooooooo0
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence