b8779bf88eff3a0d6551ede7a241e58bdfb36f0af249df6c37f9fbfc374e9be9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

301fe8ab9b1da2a70b11b00906b877a0N.exe
Size

224KB
Sample

240807-acwlasvdjl
MD5

301fe8ab9b1da2a70b11b00906b877a0
SHA1

b9c7866b70461a8dfc12c1bfae3dedd60cb3ac13
SHA256

b8779bf88eff3a0d6551ede7a241e58bdfb36f0af249df6c37f9fbfc374e9be9
SHA512

ea893e55d25b407bb9c4a3fe0bbb27132ae531fcd5a48c7c018ea8950a50963b77a135cf3328cdfc877ba409f16c3190bb996d74a9821cb942d599ba4beeaa3a
SSDEEP

3072:41CM2Eyws5lVWMVTz2B1xdLm102VZjuajDMyap9jCyFsWteYCWS3:4GE1OWMVTz2B1xBm102VQlter

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  301fe8ab9b1da2a70b11b00906b877a0N.exe
- Size
  
  224KB
- MD5
  
  301fe8ab9b1da2a70b11b00906b877a0
- SHA1
  
  b9c7866b70461a8dfc12c1bfae3dedd60cb3ac13
- SHA256
  
  b8779bf88eff3a0d6551ede7a241e58bdfb36f0af249df6c37f9fbfc374e9be9
- SHA512
  
  ea893e55d25b407bb9c4a3fe0bbb27132ae531fcd5a48c7c018ea8950a50963b77a135cf3328cdfc877ba409f16c3190bb996d74a9821cb942d599ba4beeaa3a
- SSDEEP
  
  3072:41CM2Eyws5lVWMVTz2B1xdLm102VZjuajDMyap9jCyFsWteYCWS3:4GE1OWMVTz2B1xBm102VQlter
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence