5fef9e861fad703b8f2f3dded4dba6d012bc38f116d3bfde557c86dabeb54b79 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6e9d6b20c01b7b1d922daad2b8e83ff0N.exe
Size

219KB
Sample

240807-f53szawapb
MD5

6e9d6b20c01b7b1d922daad2b8e83ff0
SHA1

93475c337cf251964e83921498d353dd05dfb2c9
SHA256

5fef9e861fad703b8f2f3dded4dba6d012bc38f116d3bfde557c86dabeb54b79
SHA512

79ac2584e482fe832849bb4f119169618e5a90e54a3d4a6887a3b33fb079b62f3d27f57bf22415054a473ea21bf507d74ebde9c4521a1b6818f2bc2ff5b7ff67
SSDEEP

3072:vg5AQk8L8N28xPzwuZkO0aDb/IBPCOQvU6z314EXrjvwSfYrwBt:ZQk8L385zDOO0aDD4PCxdXXwSfYrwB

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  6e9d6b20c01b7b1d922daad2b8e83ff0N.exe
- Size
  
  219KB
- MD5
  
  6e9d6b20c01b7b1d922daad2b8e83ff0
- SHA1
  
  93475c337cf251964e83921498d353dd05dfb2c9
- SHA256
  
  5fef9e861fad703b8f2f3dded4dba6d012bc38f116d3bfde557c86dabeb54b79
- SHA512
  
  79ac2584e482fe832849bb4f119169618e5a90e54a3d4a6887a3b33fb079b62f3d27f57bf22415054a473ea21bf507d74ebde9c4521a1b6818f2bc2ff5b7ff67
- SSDEEP
  
  3072:vg5AQk8L8N28xPzwuZkO0aDb/IBPCOQvU6z314EXrjvwSfYrwBt:ZQk8L385zDOO0aDD4PCxdXXwSfYrwB
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence