8297c3538c58127bd2ee57f1a157b5086ccd0c0cb9a70522bf20d2cb814748f1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8297c3538c58127bd2ee57f1a157b5086ccd0c0cb9a70522bf20d2cb814748f1
Size

187KB
Sample

240806-3xcyxayand
MD5

e28aa793ed44895dc4633658c77394b3
SHA1

5a9826db12be131fff48a1871b38d8c1827e0539
SHA256

8297c3538c58127bd2ee57f1a157b5086ccd0c0cb9a70522bf20d2cb814748f1
SHA512

d12051c5312d784499625b0692c22e4cfdd94804d47ddcbe994ce779f471b552cc70f2dd6b2a54ffac46d2de4945fe776e7a18820cfeba4c33b0b62c8af85995
SSDEEP

3072:vXZss0UJIKHPtdkK+S42VgtRQ2c+tlB5xpWJLM77OkeCK2+hDueH:vXZc6IKH35p42V+tbFOLM77OLLt

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8297c3538c58127bd2ee57f1a157b5086ccd0c0cb9a70522bf20d2cb814748f1
- Size
  
  187KB
- MD5
  
  e28aa793ed44895dc4633658c77394b3
- SHA1
  
  5a9826db12be131fff48a1871b38d8c1827e0539
- SHA256
  
  8297c3538c58127bd2ee57f1a157b5086ccd0c0cb9a70522bf20d2cb814748f1
- SHA512
  
  d12051c5312d784499625b0692c22e4cfdd94804d47ddcbe994ce779f471b552cc70f2dd6b2a54ffac46d2de4945fe776e7a18820cfeba4c33b0b62c8af85995
- SSDEEP
  
  3072:vXZss0UJIKHPtdkK+S42VgtRQ2c+tlB5xpWJLM77OkeCK2+hDueH:vXZc6IKH35p42V+tbFOLM77OLLt
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence