6728579691845cd78ae57de1680e291fc58a46d88cfc40563755b92562b154b3 | Triage

Sharing

General

Target

6ed170485ca598ccc31781416a315710N.exe
Size

143KB
Sample

240805-kjfhrs1erp
MD5

6ed170485ca598ccc31781416a315710
SHA1

30a23edde75f13b2ed791631ff52d6e2d2bdcf5a
SHA256

6728579691845cd78ae57de1680e291fc58a46d88cfc40563755b92562b154b3
SHA512

aa06fe153905a90784b1bf07c1eb19bf0f9360bbeaa19309b81a663769dedeff83590a93bd6003520d90d9fe8cb61e07d92712e7a4f37b62a3716e5188ce510c
SSDEEP

3072:3LVoDvPd+A4WhkhXDl+i1lApwH08TdTIIIIIIIIIIIIIIIIIIfIIIIyIIIITIIIe:ZopGGgbiwU8JC

Score

10^/10

discovery evasion persistence

Malware Config

Targets

- Target
  
  6ed170485ca598ccc31781416a315710N.exe
- Size
  
  143KB
- MD5
  
  6ed170485ca598ccc31781416a315710
- SHA1
  
  30a23edde75f13b2ed791631ff52d6e2d2bdcf5a
- SHA256
  
  6728579691845cd78ae57de1680e291fc58a46d88cfc40563755b92562b154b3
- SHA512
  
  aa06fe153905a90784b1bf07c1eb19bf0f9360bbeaa19309b81a663769dedeff83590a93bd6003520d90d9fe8cb61e07d92712e7a4f37b62a3716e5188ce510c
- SSDEEP
  
  3072:3LVoDvPd+A4WhkhXDl+i1lApwH08TdTIIIIIIIIIIIIIIIIIIfIIIIyIIIITIIIe:ZopGGgbiwU8JC
Score

10^/10

discovery evasion persistence
- Modifies WinLogon for persistence
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Disables RegEdit via registry modification
  evasion
- Executes dropped EXE
- Modifies system executable filetype association
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Event Triggered Execution

Change Default File Association

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Event Triggered Execution

Change Default File Association

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasionpersistence