6b7ef8139bdc26f1d59033729380a034edd5b34d9abf6f835871d89fe8ea1369 | Triage

Sharing

General

Target

6b7ef8139bdc26f1d59033729380a034edd5b34d9abf6f835871d89fe8ea1369
Size

75KB
Sample

240802-2rw9xsybnf
MD5

e246f364f9d7954a84b648710974d3e7
SHA1

76faddb25a16b7f661d72688f8b75900fd52ea2d
SHA256

6b7ef8139bdc26f1d59033729380a034edd5b34d9abf6f835871d89fe8ea1369
SHA512

edb4e212445cf7fde642871358f2a8a9440d056fe2e370c6a8075fcb29c71e6aa85cc526a4c66f117f5c6bd7caf8c077665cc2b444ab3b21f107cb5cd314a33f
SSDEEP

1536:nKRrtg8b/odpJNyxdvab6CLZOTu12VG/UgVD2YxfO53q52IrFH:UhbQLPi9abVLZOTu12IUS2Ufg3qv

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  6b7ef8139bdc26f1d59033729380a034edd5b34d9abf6f835871d89fe8ea1369
- Size
  
  75KB
- MD5
  
  e246f364f9d7954a84b648710974d3e7
- SHA1
  
  76faddb25a16b7f661d72688f8b75900fd52ea2d
- SHA256
  
  6b7ef8139bdc26f1d59033729380a034edd5b34d9abf6f835871d89fe8ea1369
- SHA512
  
  edb4e212445cf7fde642871358f2a8a9440d056fe2e370c6a8075fcb29c71e6aa85cc526a4c66f117f5c6bd7caf8c077665cc2b444ab3b21f107cb5cd314a33f
- SSDEEP
  
  1536:nKRrtg8b/odpJNyxdvab6CLZOTu12VG/UgVD2YxfO53q52IrFH:UhbQLPi9abVLZOTu12IUS2Ufg3qv
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence