45319513bbface29ba53f6b275308ad11cfd655b4ff9f31809b9dccf24551168 | Triage

Sharing

General

Target

45319513bbface29ba53f6b275308ad11cfd655b4ff9f31809b9dccf24551168
Size

285KB
Sample

240808-zlkmtszaqp
MD5

916ab0e605f701d06d7b3f6d0d626f2c
SHA1

434dae4a2214871bf5136f7bb539af3e0f5e706a
SHA256

45319513bbface29ba53f6b275308ad11cfd655b4ff9f31809b9dccf24551168
SHA512

82ddf98979a6bacdf5d3483bc33f0764f65b3c324d9e1e6a89c946bd40effe2908b8b5142c32d6fce010678b8d9ce04fe30df2b97057d91fa558ec9ae178c139
SSDEEP

6144:QGacdKuei3STYaT15f7o+STYaT15f6ZLXonvPeZaF8vs:QGacje7TYapJoTYapiMnOZ9

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  45319513bbface29ba53f6b275308ad11cfd655b4ff9f31809b9dccf24551168
- Size
  
  285KB
- MD5
  
  916ab0e605f701d06d7b3f6d0d626f2c
- SHA1
  
  434dae4a2214871bf5136f7bb539af3e0f5e706a
- SHA256
  
  45319513bbface29ba53f6b275308ad11cfd655b4ff9f31809b9dccf24551168
- SHA512
  
  82ddf98979a6bacdf5d3483bc33f0764f65b3c324d9e1e6a89c946bd40effe2908b8b5142c32d6fce010678b8d9ce04fe30df2b97057d91fa558ec9ae178c139
- SSDEEP
  
  6144:QGacdKuei3STYaT15f7o+STYaT15f6ZLXonvPeZaF8vs:QGacje7TYapJoTYapiMnOZ9
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence