ec6b836c7822f3b3d00a8a05c2f206c8d0dd964258e2d09443c4a4cb46a72b4e | Triage

Sharing

General

Target

d56ac9a057654e43c4287a4e1c93adf0N.exe
Size

128KB
Sample

240806-wh7fmszakh
MD5

d56ac9a057654e43c4287a4e1c93adf0
SHA1

b44cce024703110449514ddbeafb51c441dce1dd
SHA256

ec6b836c7822f3b3d00a8a05c2f206c8d0dd964258e2d09443c4a4cb46a72b4e
SHA512

00c9c49fd8f1bd5e55146ced39c3783b420fbfe4c53e707a0b47c78db79aed9d5edee095f139ad3fa2925be6de93c4c70108e7424c04b175ff387ebbe2661767
SSDEEP

3072:WPgiWO2YcSTPl/1iqeu9pui6yYPaI7DehizrVtN:W5LzdKopui6yYPaIGc

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d56ac9a057654e43c4287a4e1c93adf0N.exe
- Size
  
  128KB
- MD5
  
  d56ac9a057654e43c4287a4e1c93adf0
- SHA1
  
  b44cce024703110449514ddbeafb51c441dce1dd
- SHA256
  
  ec6b836c7822f3b3d00a8a05c2f206c8d0dd964258e2d09443c4a4cb46a72b4e
- SHA512
  
  00c9c49fd8f1bd5e55146ced39c3783b420fbfe4c53e707a0b47c78db79aed9d5edee095f139ad3fa2925be6de93c4c70108e7424c04b175ff387ebbe2661767
- SSDEEP
  
  3072:WPgiWO2YcSTPl/1iqeu9pui6yYPaI7DehizrVtN:W5LzdKopui6yYPaIGc
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence