771de7a17fd54621aac4c8dfa8c9bead58fcf1cd942e936934cfeffbf6b74336 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

63ea775ebf9e1373ed62f3c0b47a96b0N.exe
Size

727KB
Sample

240802-gnfgsathne
MD5

63ea775ebf9e1373ed62f3c0b47a96b0
SHA1

991d20b350e1e09499f699347e17fd2397dcd55f
SHA256

771de7a17fd54621aac4c8dfa8c9bead58fcf1cd942e936934cfeffbf6b74336
SHA512

1b0b2b95b492cf3bbdcf3083b09172a0e4addc3de77ced8d7ccb78dd9cf785715b7dd9cd7fe4240d5e667573b0fcf01c6d45edae30138eaeb2a8b83d4e417c3f
SSDEEP

12288:zXrO5t6NSN6G5tTPfM5t6NSN6G5tKr/Do5t6NSN6G5tTPfM5t6NSN6G5t:z9c6ufjc6r/7c6ufjc6

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  63ea775ebf9e1373ed62f3c0b47a96b0N.exe
- Size
  
  727KB
- MD5
  
  63ea775ebf9e1373ed62f3c0b47a96b0
- SHA1
  
  991d20b350e1e09499f699347e17fd2397dcd55f
- SHA256
  
  771de7a17fd54621aac4c8dfa8c9bead58fcf1cd942e936934cfeffbf6b74336
- SHA512
  
  1b0b2b95b492cf3bbdcf3083b09172a0e4addc3de77ced8d7ccb78dd9cf785715b7dd9cd7fe4240d5e667573b0fcf01c6d45edae30138eaeb2a8b83d4e417c3f
- SSDEEP
  
  12288:zXrO5t6NSN6G5tTPfM5t6NSN6G5tKr/Do5t6NSN6G5tTPfM5t6NSN6G5t:z9c6ufjc6r/7c6ufjc6
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence