8f2f055cc299c53f1652c6e6a81383d18d20685bf2eacb819d83fcb1d4e7705f | Triage

Sharing

General

Target

8f2f055cc299c53f1652c6e6a81383d18d20685bf2eacb819d83fcb1d4e7705f
Size

144KB
Sample

240802-cqa8mazemp
MD5

a3c1617c56ef43528a36d24d2c538fb2
SHA1

0423e692ded0aecf8209a091f4a46fcf75f9b871
SHA256

8f2f055cc299c53f1652c6e6a81383d18d20685bf2eacb819d83fcb1d4e7705f
SHA512

1da0cda37ae8d9c6740e99b89304ab4bce0a38009cce3c29d8af9abd859309d8b5d156c14e69a5d34668850e3fd751b3c1e36d0b65e33b866c81da3a15ba1c3f
SSDEEP

3072:3Dz9/6Dy8hZwhcw3+AbH7GTgPgHq/Wp+YmKfxgQdxvq:lCDy2wJqgPUmKyIxi

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8f2f055cc299c53f1652c6e6a81383d18d20685bf2eacb819d83fcb1d4e7705f
- Size
  
  144KB
- MD5
  
  a3c1617c56ef43528a36d24d2c538fb2
- SHA1
  
  0423e692ded0aecf8209a091f4a46fcf75f9b871
- SHA256
  
  8f2f055cc299c53f1652c6e6a81383d18d20685bf2eacb819d83fcb1d4e7705f
- SHA512
  
  1da0cda37ae8d9c6740e99b89304ab4bce0a38009cce3c29d8af9abd859309d8b5d156c14e69a5d34668850e3fd751b3c1e36d0b65e33b866c81da3a15ba1c3f
- SSDEEP
  
  3072:3Dz9/6Dy8hZwhcw3+AbH7GTgPgHq/Wp+YmKfxgQdxvq:lCDy2wJqgPUmKyIxi
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence