29da423a449ca37f6429c703bcd8459a27a9810242126326fc5a82a75cf7ade8 | Triage

Sharing

General

Target

bed61a9769f5b51c7aa45415415d4840N.exe
Size

727KB
Sample

240802-v4mspaxhmb
MD5

bed61a9769f5b51c7aa45415415d4840
SHA1

f6da5527b66f27776f34543ca282bf70b6ec9afa
SHA256

29da423a449ca37f6429c703bcd8459a27a9810242126326fc5a82a75cf7ade8
SHA512

56a8815ac1fad3453c2b4b9a27f30fe552c202f65a702c6fcf544c079b60ec60177b34a413d935e766ef6146497ae7332a1e2dc08949fa08568e69e3708208cf
SSDEEP

12288:rx86+A5t6NSN6G5tP6sus5t6NSN6G5tB1CWzJ5t6NSN6G5tP6sus5t6NSN6G5t:rx87vc6vc6S1CPc6vc6

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  bed61a9769f5b51c7aa45415415d4840N.exe
- Size
  
  727KB
- MD5
  
  bed61a9769f5b51c7aa45415415d4840
- SHA1
  
  f6da5527b66f27776f34543ca282bf70b6ec9afa
- SHA256
  
  29da423a449ca37f6429c703bcd8459a27a9810242126326fc5a82a75cf7ade8
- SHA512
  
  56a8815ac1fad3453c2b4b9a27f30fe552c202f65a702c6fcf544c079b60ec60177b34a413d935e766ef6146497ae7332a1e2dc08949fa08568e69e3708208cf
- SSDEEP
  
  12288:rx86+A5t6NSN6G5tP6sus5t6NSN6G5tB1CWzJ5t6NSN6G5tP6sus5t6NSN6G5t:rx87vc6vc6S1CPc6vc6
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence