8b5fdf4947423404af1e00021b308c4252a95aeb7cf05396e56ec66b8e956a63 | Triage

Sharing

General

Target

563f7c69e3cc05d809d6cb6c85722020N.exe
Size

240KB
Sample

240802-e8t5kawenl
MD5

563f7c69e3cc05d809d6cb6c85722020
SHA1

aea166542a71636111789774bbf49a507e7af8cc
SHA256

8b5fdf4947423404af1e00021b308c4252a95aeb7cf05396e56ec66b8e956a63
SHA512

6645931f0fc2b6773db762aacaf19feb05998ce95bb227e085f668272f9eca2fe10cecd9ed2057735c7d06a3404106c777ffc9fc2709f883ac6cc1f9291c95b2
SSDEEP

6144:qJ37dMCDYN/orEcAJN+SYSUZCb6M3W8DStQUkA1FiHwSD:sJprtycSly8DSUA1YHVD

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  563f7c69e3cc05d809d6cb6c85722020N.exe
- Size
  
  240KB
- MD5
  
  563f7c69e3cc05d809d6cb6c85722020
- SHA1
  
  aea166542a71636111789774bbf49a507e7af8cc
- SHA256
  
  8b5fdf4947423404af1e00021b308c4252a95aeb7cf05396e56ec66b8e956a63
- SHA512
  
  6645931f0fc2b6773db762aacaf19feb05998ce95bb227e085f668272f9eca2fe10cecd9ed2057735c7d06a3404106c777ffc9fc2709f883ac6cc1f9291c95b2
- SSDEEP
  
  6144:qJ37dMCDYN/orEcAJN+SYSUZCb6M3W8DStQUkA1FiHwSD:sJprtycSly8DSUA1YHVD
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence