aaf549f544fddf663b10c360b85c8f21df02784dc7b79f912d20a60ff99ea7b8 | Triage

Sharing

General

Target

c10a0fef371e4472bbb67abf4c510d80N.exe
Size

4.6MB
Sample

240802-wl692stfpr
MD5

c10a0fef371e4472bbb67abf4c510d80
SHA1

8b0b694752bf45cf72d703f9db368821f3c86922
SHA256

aaf549f544fddf663b10c360b85c8f21df02784dc7b79f912d20a60ff99ea7b8
SHA512

a2cac4875560e7a88f4f0b0032643707c890b9f659e678f546c7f0511052cd0769319608b181ea14cc6e8235e07b9f851b5f9708c004055edad912c0cb4049a8
SSDEEP

24576:9saOBmmOBgOBtcPjOBgOBmmOBgOBJOBgOBmmOBgOBtcPjOBgOBmmOBgOBTUOBgON:xL8TL896L8

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c10a0fef371e4472bbb67abf4c510d80N.exe
- Size
  
  4.6MB
- MD5
  
  c10a0fef371e4472bbb67abf4c510d80
- SHA1
  
  8b0b694752bf45cf72d703f9db368821f3c86922
- SHA256
  
  aaf549f544fddf663b10c360b85c8f21df02784dc7b79f912d20a60ff99ea7b8
- SHA512
  
  a2cac4875560e7a88f4f0b0032643707c890b9f659e678f546c7f0511052cd0769319608b181ea14cc6e8235e07b9f851b5f9708c004055edad912c0cb4049a8
- SSDEEP
  
  24576:9saOBmmOBgOBtcPjOBgOBmmOBgOBJOBgOBmmOBgOBtcPjOBgOBmmOBgOBTUOBgON:xL8TL896L8
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence