14f6f0179b6cb097db50d2d0926ca721b0fc48c242d20026a65cb05805a8b558 | Triage

Sharing

General

Target

14f6f0179b6cb097db50d2d0926ca721b0fc48c242d20026a65cb05805a8b558
Size

49KB
Sample

240807-xwa52awbpe
MD5

1197964fe4b791343553ced48542713e
SHA1

8b6de1e1a9c55c3f00b77d45af4c5ee361eeb51b
SHA256

14f6f0179b6cb097db50d2d0926ca721b0fc48c242d20026a65cb05805a8b558
SHA512

0a32130040d0930811f3330316433d677916cacdac27ad3276ff4c0cebd578cafd3379a1f07aa4a61ae0ef723eff2a733cc101f5dd3edc965d242ed16ed88318
SSDEEP

768:E5FAy1oY7x+YETfoJh8PxfuSD4mlbt5RqzUCj4/1H5uu2Xdnh:EfjoqrETfoJhoxm1mFtfqzt6cH

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  14f6f0179b6cb097db50d2d0926ca721b0fc48c242d20026a65cb05805a8b558
- Size
  
  49KB
- MD5
  
  1197964fe4b791343553ced48542713e
- SHA1
  
  8b6de1e1a9c55c3f00b77d45af4c5ee361eeb51b
- SHA256
  
  14f6f0179b6cb097db50d2d0926ca721b0fc48c242d20026a65cb05805a8b558
- SHA512
  
  0a32130040d0930811f3330316433d677916cacdac27ad3276ff4c0cebd578cafd3379a1f07aa4a61ae0ef723eff2a733cc101f5dd3edc965d242ed16ed88318
- SSDEEP
  
  768:E5FAy1oY7x+YETfoJh8PxfuSD4mlbt5RqzUCj4/1H5uu2Xdnh:EfjoqrETfoJhoxm1mFtfqzt6cH
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence