2a0943de69d8c2aa0aa338364d3a549721d75445a62b0fe4f86568e0cc431fbf | Triage

Sharing

General

Target

2a0943de69d8c2aa0aa338364d3a549721d75445a62b0fe4f86568e0cc431fbf
Size

128KB
Sample

240807-ywfaestbqj
MD5

4a47e9690dbb088fe69c0a2f4682098d
SHA1

daa4efd7540a771ff489e9ff448605f56dc4ec9a
SHA256

2a0943de69d8c2aa0aa338364d3a549721d75445a62b0fe4f86568e0cc431fbf
SHA512

9607ec27cd7a59f8c1d287bc32bd46d94414466b1747f30905435ce69e4cd3cc2917f91e77b210fa108e83c48e493d155c7621bf831227d81537896c30a5da46
SSDEEP

3072:T2E4CtygMKeJqBW+pMInDd1AZoUBW3FJeRuaWNXmgu+tB:TRMKeJGp7DdWZHEFJ7aWN1B

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  2a0943de69d8c2aa0aa338364d3a549721d75445a62b0fe4f86568e0cc431fbf
- Size
  
  128KB
- MD5
  
  4a47e9690dbb088fe69c0a2f4682098d
- SHA1
  
  daa4efd7540a771ff489e9ff448605f56dc4ec9a
- SHA256
  
  2a0943de69d8c2aa0aa338364d3a549721d75445a62b0fe4f86568e0cc431fbf
- SHA512
  
  9607ec27cd7a59f8c1d287bc32bd46d94414466b1747f30905435ce69e4cd3cc2917f91e77b210fa108e83c48e493d155c7621bf831227d81537896c30a5da46
- SSDEEP
  
  3072:T2E4CtygMKeJqBW+pMInDd1AZoUBW3FJeRuaWNXmgu+tB:TRMKeJGp7DdWZHEFJ7aWN1B
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence