a690edf86270f1537e986170de1262d30bb65ba1df07b4220f803065003212e2 | Triage

Sharing

General

Target

c069991543a1fc9f362e3205af91da90N.exe
Size

760KB
Sample

240802-wfemvaycqg
MD5

c069991543a1fc9f362e3205af91da90
SHA1

f76d7affff4999d175808e8722f68bfb97ca0d81
SHA256

a690edf86270f1537e986170de1262d30bb65ba1df07b4220f803065003212e2
SHA512

b820969b6c2ff1c6485ab1c464c32c66527ce6d52091beba28964a0890cbea890927750e885808057dfdd5a562ac110e54cd028353c35534034f889c7b9ebf2f
SSDEEP

12288:oC2sBw3cOK3NPh2kkkkK4kXkkkkkkkkl888888888888888888nusMH0QiRLsq:v2dyNPh2kkkkK4kXkkkkkkkkhLx

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c069991543a1fc9f362e3205af91da90N.exe
- Size
  
  760KB
- MD5
  
  c069991543a1fc9f362e3205af91da90
- SHA1
  
  f76d7affff4999d175808e8722f68bfb97ca0d81
- SHA256
  
  a690edf86270f1537e986170de1262d30bb65ba1df07b4220f803065003212e2
- SHA512
  
  b820969b6c2ff1c6485ab1c464c32c66527ce6d52091beba28964a0890cbea890927750e885808057dfdd5a562ac110e54cd028353c35534034f889c7b9ebf2f
- SSDEEP
  
  12288:oC2sBw3cOK3NPh2kkkkK4kXkkkkkkkkl888888888888888888nusMH0QiRLsq:v2dyNPh2kkkkK4kXkkkkkkkkhLx
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence