140b16b8a5f2939874fcf5a0294eaef19e1dfb6549d0cd1f7216a4468571fd31 | Triage

Sharing

General

Target

4132e397d7c7ab9a3fef03f4292f8470N.exe
Size

768KB
Sample

240806-cfnqzawdjm
MD5

4132e397d7c7ab9a3fef03f4292f8470
SHA1

feab87e31a003aef1deaa38c07fd4e5dac93d12e
SHA256

140b16b8a5f2939874fcf5a0294eaef19e1dfb6549d0cd1f7216a4468571fd31
SHA512

dcd681b06a9f41eb47b5d4096b8b8906ddd407efe242b5f1f1c56da5c225936d7c1f82abf863ff7507027febfce3f780cec35972542edf34329e6c6833c76732
SSDEEP

12288:emlFvF6IvYvc6IveDVqvQ6IvTPh2kkkkK4kXkkkkkkkkl888888888888888888d:emlb3q5hPPh2kkkkK4kXkkkkkkkkH

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  4132e397d7c7ab9a3fef03f4292f8470N.exe
- Size
  
  768KB
- MD5
  
  4132e397d7c7ab9a3fef03f4292f8470
- SHA1
  
  feab87e31a003aef1deaa38c07fd4e5dac93d12e
- SHA256
  
  140b16b8a5f2939874fcf5a0294eaef19e1dfb6549d0cd1f7216a4468571fd31
- SHA512
  
  dcd681b06a9f41eb47b5d4096b8b8906ddd407efe242b5f1f1c56da5c225936d7c1f82abf863ff7507027febfce3f780cec35972542edf34329e6c6833c76732
- SSDEEP
  
  12288:emlFvF6IvYvc6IveDVqvQ6IvTPh2kkkkK4kXkkkkkkkkl888888888888888888d:emlb3q5hPPh2kkkkK4kXkkkkkkkkH
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence