c1c8f17e4431e0c32ce7468269bf68fc3fe3f01f9e1f3ea6e2428448c9ebd838 | Triage

Sharing

General

Target

c1c8f17e4431e0c32ce7468269bf68fc3fe3f01f9e1f3ea6e2428448c9ebd838
Size

240KB
Sample

240802-e8645awepl
MD5

d672f041bfb7f1a747d2435ed9d391bd
SHA1

9f1f6cf9ecb182e33fe009d08764502143318ad7
SHA256

c1c8f17e4431e0c32ce7468269bf68fc3fe3f01f9e1f3ea6e2428448c9ebd838
SHA512

9032171fdcff9b83a599df2d3ae3d0431528030e6defd72f85122c740eb330aa0b12bb0b613702fad6e084b65a1e74f6dc3aa683e5e4f03ac72b988ba3555e76
SSDEEP

6144:NB7ye8EbAIojEcAJN+SYSUZCb6M3W8DStQUkA1FiHwSD:NBb8E07jtycSly8DSUA1YHVD

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c1c8f17e4431e0c32ce7468269bf68fc3fe3f01f9e1f3ea6e2428448c9ebd838
- Size
  
  240KB
- MD5
  
  d672f041bfb7f1a747d2435ed9d391bd
- SHA1
  
  9f1f6cf9ecb182e33fe009d08764502143318ad7
- SHA256
  
  c1c8f17e4431e0c32ce7468269bf68fc3fe3f01f9e1f3ea6e2428448c9ebd838
- SHA512
  
  9032171fdcff9b83a599df2d3ae3d0431528030e6defd72f85122c740eb330aa0b12bb0b613702fad6e084b65a1e74f6dc3aa683e5e4f03ac72b988ba3555e76
- SSDEEP
  
  6144:NB7ye8EbAIojEcAJN+SYSUZCb6M3W8DStQUkA1FiHwSD:NBb8E07jtycSly8DSUA1YHVD
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence