5ea805acf84bc21d914566f27a14e513bf70276d8fa23b9598311de6c1447e41 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ea805acf84bc21d914566f27a14e513bf70276d8fa23b9598311de6c1447e41
Size

400KB
Sample

240806-174hhasejk
MD5

71e602fd427d0aa182d50fdfc992fa42
SHA1

f5740ddf634f9cbc062f0827b1ef75a780237c04
SHA256

5ea805acf84bc21d914566f27a14e513bf70276d8fa23b9598311de6c1447e41
SHA512

d6e09be12a761fd37d33b909f5dffe3cfc067a6f986ecaaa466dab21db56f76233290b06370345d8673e5249e00db0600f6743ad05931ebdb0a3d1b0f88c8d6a
SSDEEP

6144:M0VGZ5gavlfZV7U/vlfl+9DvlEZV4U/vlf0DrBqvl8ZV1:FDavr5IvYvc6IveDVqvQ/

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  5ea805acf84bc21d914566f27a14e513bf70276d8fa23b9598311de6c1447e41
- Size
  
  400KB
- MD5
  
  71e602fd427d0aa182d50fdfc992fa42
- SHA1
  
  f5740ddf634f9cbc062f0827b1ef75a780237c04
- SHA256
  
  5ea805acf84bc21d914566f27a14e513bf70276d8fa23b9598311de6c1447e41
- SHA512
  
  d6e09be12a761fd37d33b909f5dffe3cfc067a6f986ecaaa466dab21db56f76233290b06370345d8673e5249e00db0600f6743ad05931ebdb0a3d1b0f88c8d6a
- SSDEEP
  
  6144:M0VGZ5gavlfZV7U/vlfl+9DvlEZV4U/vlf0DrBqvl8ZV1:FDavr5IvYvc6IveDVqvQ/
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence