34bcad4c05871273fa3ce9763395c4a685b631f46c29a2d7f87a0047f3a51e70 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34bcad4c05871273fa3ce9763395c4a685b631f46c29a2d7f87a0047f3a51e70
Size

186KB
Sample

240801-14cklsyenq
MD5

f003cfc93c3bcc9ca3322fc51a2ee366
SHA1

4f87be72f474aec8708a5f78b6505aed089ef605
SHA256

34bcad4c05871273fa3ce9763395c4a685b631f46c29a2d7f87a0047f3a51e70
SHA512

d9ed9f6d5beed8f2a284c96cab7ac0f92f805f46218538d605cd151c633da8d55a92214bedfa6a438f015f2e2f1c756c32781c6e5ca620c9b900623dab3ff3ff
SSDEEP

3072:O7k1nJVfcWBxSed+39UdbB8NzTiSkFv+Y4H1vkF3VOMC4uMhZpMdoVBRDI+Vvlgu:O7IFbB8NzTiSkF+Jk/4AcgHuv

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  34bcad4c05871273fa3ce9763395c4a685b631f46c29a2d7f87a0047f3a51e70
- Size
  
  186KB
- MD5
  
  f003cfc93c3bcc9ca3322fc51a2ee366
- SHA1
  
  4f87be72f474aec8708a5f78b6505aed089ef605
- SHA256
  
  34bcad4c05871273fa3ce9763395c4a685b631f46c29a2d7f87a0047f3a51e70
- SHA512
  
  d9ed9f6d5beed8f2a284c96cab7ac0f92f805f46218538d605cd151c633da8d55a92214bedfa6a438f015f2e2f1c756c32781c6e5ca620c9b900623dab3ff3ff
- SSDEEP
  
  3072:O7k1nJVfcWBxSed+39UdbB8NzTiSkFv+Y4H1vkF3VOMC4uMhZpMdoVBRDI+Vvlgu:O7IFbB8NzTiSkF+Jk/4AcgHuv
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence