2cb22f3235456a93dd6ac78aa814e4a300b16cad735e963e5dd0bd2d2c0c9781 | Triage

Sharing

General

Target

504f1bf70661763e85e5dba0d8c38210N.exe
Size

96KB
Sample

240806-dxsxpayaml
MD5

504f1bf70661763e85e5dba0d8c38210
SHA1

bf5ab312ac572b8617f1c484ce8ef0dc5b31eeee
SHA256

2cb22f3235456a93dd6ac78aa814e4a300b16cad735e963e5dd0bd2d2c0c9781
SHA512

04055c11d426d14f1c1a7b1974b8af599196a80a0e7e9242f4bd445dff87d7de634d6600228cf387dba9f11fa987408ce213a2ea1d5e8e0c1f5ef41bc3dc14fb
SSDEEP

1536:RtF+R5raN9bXoiJbzUHKHdBVI2L67RZObZUUWaegPYA:Ri5uN9zoiJbRHRZ6ClUUWae

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  504f1bf70661763e85e5dba0d8c38210N.exe
- Size
  
  96KB
- MD5
  
  504f1bf70661763e85e5dba0d8c38210
- SHA1
  
  bf5ab312ac572b8617f1c484ce8ef0dc5b31eeee
- SHA256
  
  2cb22f3235456a93dd6ac78aa814e4a300b16cad735e963e5dd0bd2d2c0c9781
- SHA512
  
  04055c11d426d14f1c1a7b1974b8af599196a80a0e7e9242f4bd445dff87d7de634d6600228cf387dba9f11fa987408ce213a2ea1d5e8e0c1f5ef41bc3dc14fb
- SSDEEP
  
  1536:RtF+R5raN9bXoiJbzUHKHdBVI2L67RZObZUUWaegPYA:Ri5uN9zoiJbRHRZ6ClUUWae
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence