3d13530509fa6bbf3329c11b3ddc21a8dfb70a9aba89c7ea1c52d96968d615b5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d13530509fa6bbf3329c11b3ddc21a8dfb70a9aba89c7ea1c52d96968d615b5
Size

80KB
Sample

240809-zb1lasxgmm
MD5

56d4cf41d5595a4cb9d95b1dde8872df
SHA1

b8023c69e2b135ca9e6ce0a7b7b5fb1aad50198b
SHA256

3d13530509fa6bbf3329c11b3ddc21a8dfb70a9aba89c7ea1c52d96968d615b5
SHA512

f8f30c93466de39062683806bbc68f2b4a1cdc1f316fc7f3033b5164eb73bf0f75bcdb69e127b5b4bb3406599543ed5b15a249f8c915c225b16911f87861c445
SSDEEP

1536:lHhlxfChg6X2aDOwEyo6WkIbKUjc5YMkhohBE8VGh:lHhlxKCo4dmgIUAEQGh

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  3d13530509fa6bbf3329c11b3ddc21a8dfb70a9aba89c7ea1c52d96968d615b5
- Size
  
  80KB
- MD5
  
  56d4cf41d5595a4cb9d95b1dde8872df
- SHA1
  
  b8023c69e2b135ca9e6ce0a7b7b5fb1aad50198b
- SHA256
  
  3d13530509fa6bbf3329c11b3ddc21a8dfb70a9aba89c7ea1c52d96968d615b5
- SHA512
  
  f8f30c93466de39062683806bbc68f2b4a1cdc1f316fc7f3033b5164eb73bf0f75bcdb69e127b5b4bb3406599543ed5b15a249f8c915c225b16911f87861c445
- SSDEEP
  
  1536:lHhlxfChg6X2aDOwEyo6WkIbKUjc5YMkhohBE8VGh:lHhlxKCo4dmgIUAEQGh
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence