9d43b0229658a61896ee5e14526bb64d0f87bcc74bda2d28c465fa687997a00c | Triage

Resubmissions

02/08/2024, 11:40

240802-ns37za1ckh 10

02/08/2024, 11:39

240802-nsppkswejl 3

02/08/2024, 11:36

240802-nqmgfa1bqf 10

Sharing

General

Target

9a17ad1aad76a0922488ceb6d7ec9210N.exe
Size

128KB
Sample

240802-ns37za1ckh
MD5

9a17ad1aad76a0922488ceb6d7ec9210
SHA1

bd1066877e02d6dafab20a0cf91ef112a1aa25bd
SHA256

9d43b0229658a61896ee5e14526bb64d0f87bcc74bda2d28c465fa687997a00c
SHA512

889904a8d2765ad82558426b5b04dee4d09cf8ce55e4bd39a013295ebdb3d5e064b2498c32fa1a13d4315371ed8f70833b0fb7bbc2b6e35ab9b85fe226c6942b
SSDEEP

3072:ooEMyMsE2/+WDs3yjre5GWCraX4mW2wS7IrHrYj:obMyMr6+WDs3yjre5/dImHwMOHm

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  9a17ad1aad76a0922488ceb6d7ec9210N.exe
- Size
  
  128KB
- MD5
  
  9a17ad1aad76a0922488ceb6d7ec9210
- SHA1
  
  bd1066877e02d6dafab20a0cf91ef112a1aa25bd
- SHA256
  
  9d43b0229658a61896ee5e14526bb64d0f87bcc74bda2d28c465fa687997a00c
- SHA512
  
  889904a8d2765ad82558426b5b04dee4d09cf8ce55e4bd39a013295ebdb3d5e064b2498c32fa1a13d4315371ed8f70833b0fb7bbc2b6e35ab9b85fe226c6942b
- SSDEEP
  
  3072:ooEMyMsE2/+WDs3yjre5GWCraX4mW2wS7IrHrYj:obMyMr6+WDs3yjre5/dImHwMOHm
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence