f5e212473089c17c94d6439716ccb97538ad205b12526467c3431b6f08c415e2 | Triage

Sharing

General

Target

c4b26ec95db217b1296738ae29429c50N.exe
Size

188KB
Sample

240805-xtkxfsvhkn
MD5

c4b26ec95db217b1296738ae29429c50
SHA1

85691d8f8e2e7d89f58d14513a387e8ad072de3d
SHA256

f5e212473089c17c94d6439716ccb97538ad205b12526467c3431b6f08c415e2
SHA512

d616cf2d2927d0c255ee31df2d31509677475d51970e9be672d7abbef0f5e4e0d76db6642ae2d7134f349c881ffbf50e947b5b6274eeefef8efb381f9553c9cf
SSDEEP

3072:VEeX4LzPCZwRLRUY0hQxdldUSc0kb1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSQ:b4aYLRv0hpSlI1AelhEN4MujGJoSoDco

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c4b26ec95db217b1296738ae29429c50N.exe
- Size
  
  188KB
- MD5
  
  c4b26ec95db217b1296738ae29429c50
- SHA1
  
  85691d8f8e2e7d89f58d14513a387e8ad072de3d
- SHA256
  
  f5e212473089c17c94d6439716ccb97538ad205b12526467c3431b6f08c415e2
- SHA512
  
  d616cf2d2927d0c255ee31df2d31509677475d51970e9be672d7abbef0f5e4e0d76db6642ae2d7134f349c881ffbf50e947b5b6274eeefef8efb381f9553c9cf
- SSDEEP
  
  3072:VEeX4LzPCZwRLRUY0hQxdldUSc0kb1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSQ:b4aYLRv0hpSlI1AelhEN4MujGJoSoDco
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence