58cf999994f9c83ed9f6113115fb6b81c3eaaf880e03d5eb8c7b124e2029ba3b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

845fb15212b0d76fde2a5326d7021710N.exe
Size

181KB
Sample

240806-kk624svdjq
MD5

845fb15212b0d76fde2a5326d7021710
SHA1

f1532356d99811bedcb8f8a60ed11a3ffbe7672c
SHA256

58cf999994f9c83ed9f6113115fb6b81c3eaaf880e03d5eb8c7b124e2029ba3b
SHA512

6063661781d7ee73bc925628c40d1b39ff397b59a218b0986c5c1f1ec54426eb8491f80cff02d80017ddc9aa011dff9242502d7337e5a4af0cbdfe834b80272e
SSDEEP

3072:GARkzfgkILpWDG89l7e2RfuYOER1GGkgME/rLpWDG89:GTrgkGpWG89gQVJR1Gxc/pWG89

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  845fb15212b0d76fde2a5326d7021710N.exe
- Size
  
  181KB
- MD5
  
  845fb15212b0d76fde2a5326d7021710
- SHA1
  
  f1532356d99811bedcb8f8a60ed11a3ffbe7672c
- SHA256
  
  58cf999994f9c83ed9f6113115fb6b81c3eaaf880e03d5eb8c7b124e2029ba3b
- SHA512
  
  6063661781d7ee73bc925628c40d1b39ff397b59a218b0986c5c1f1ec54426eb8491f80cff02d80017ddc9aa011dff9242502d7337e5a4af0cbdfe834b80272e
- SSDEEP
  
  3072:GARkzfgkILpWDG89l7e2RfuYOER1GGkgME/rLpWDG89:GTrgkGpWG89gQVJR1Gxc/pWG89
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence