2238b090e2a9c64d6d7fe1e24d98fad508a7153211952d276e92fdc94c03b19d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2238b090e2a9c64d6d7fe1e24d98fad508a7153211952d276e92fdc94c03b19d
Size

320KB
Sample

240801-z3ah7a1bkb
MD5

9446d085b16b1383de1118a4e03d17c7
SHA1

8eff8ed3d4ac0bfd96e01175f69568e4041d9a0d
SHA256

2238b090e2a9c64d6d7fe1e24d98fad508a7153211952d276e92fdc94c03b19d
SHA512

729554cc66b317fc9a2efccbd04bcb6cc49f819d69efe240c9ac0d0bb26b8808a224bfa6cac2ba60db80261596a474e0c9371dbc0a7ec6270546f165d4f2a09c
SSDEEP

3072:NjRxoeRU9nwS/A4MK0FzJG/AMBxjUSmkCMQ/9h/NR5f0m:CemnV/Ah1G/AcQ///NR5fn

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  2238b090e2a9c64d6d7fe1e24d98fad508a7153211952d276e92fdc94c03b19d
- Size
  
  320KB
- MD5
  
  9446d085b16b1383de1118a4e03d17c7
- SHA1
  
  8eff8ed3d4ac0bfd96e01175f69568e4041d9a0d
- SHA256
  
  2238b090e2a9c64d6d7fe1e24d98fad508a7153211952d276e92fdc94c03b19d
- SHA512
  
  729554cc66b317fc9a2efccbd04bcb6cc49f819d69efe240c9ac0d0bb26b8808a224bfa6cac2ba60db80261596a474e0c9371dbc0a7ec6270546f165d4f2a09c
- SSDEEP
  
  3072:NjRxoeRU9nwS/A4MK0FzJG/AMBxjUSmkCMQ/9h/NR5f0m:CemnV/Ah1G/AcQ///NR5fn
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence