f88ec751a1f38a0da6f51d1cdee9bf7363673210d96e3625e472f1bb9af6bb3e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

TRP-StartUpv2 (1).exe
Size

35KB
Sample

240807-jjkl2sxhqd
MD5

0da2fb209d6024901b3526e681567af8
SHA1

6df1d2817c05de8bde8c00096b1bd7b0fd027244
SHA256

f88ec751a1f38a0da6f51d1cdee9bf7363673210d96e3625e472f1bb9af6bb3e
SHA512

931ebc720b38dd3542f9392c9f9efaaf298ff167d9005be9dbe2f0bf39ac2fca36f66f1632007b8b68da510e76dbecfc6ee46e91239a806c1a2fd14aad547e07
SSDEEP

384:25BhTo7cXy7ot5fec3yIuXt2HAYRtT2uPF449DOVM1iYVIy2drcuzl2ARd2d0shZ:KjoKt5fec8AAYtFO5YOW0l2ACvsaL

Score

8^/10

execution persistence

Malware Config

Targets

- Target
  
  TRP-StartUpv2 (1).exe
- Size
  
  35KB
- MD5
  
  0da2fb209d6024901b3526e681567af8
- SHA1
  
  6df1d2817c05de8bde8c00096b1bd7b0fd027244
- SHA256
  
  f88ec751a1f38a0da6f51d1cdee9bf7363673210d96e3625e472f1bb9af6bb3e
- SHA512
  
  931ebc720b38dd3542f9392c9f9efaaf298ff167d9005be9dbe2f0bf39ac2fca36f66f1632007b8b68da510e76dbecfc6ee46e91239a806c1a2fd14aad547e07
- SSDEEP
  
  384:25BhTo7cXy7ot5fec3yIuXt2HAYRtT2uPF449DOVM1iYVIy2drcuzl2ARd2d0shZ:KjoKt5fec8AAYtFO5YOW0l2ACvsaL
Score

8^/10

execution persistence
- Creates new service(s)
  persistence execution
- Downloads MZ/PE file
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

executionpersistence