9be7421f5e453b075fe61fee3412935484e618b649bb1fec2ebf274ba26c1114 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9be7421f5e453b075fe61fee3412935484e618b649bb1fec2ebf274ba26c1114
Size

128KB
Sample

240811-awerwswekk
MD5

7c1d665b7af0ee23397c073bb4f7c745
SHA1

e19b1d2e8e0798c15d5b59ab47b24e6ff0c9b855
SHA256

9be7421f5e453b075fe61fee3412935484e618b649bb1fec2ebf274ba26c1114
SHA512

ebbf6246beeedc79faf3dac668f91a8813153ee3e7a5e6d7e1936502fda154fea08ec0c9238d22cba5f36b023bb437826b876cb4312f7454a61989f364645c68
SSDEEP

3072:Wys0jEmOd7XIBzYDPFo0JDPxMeEvPOdgujv6NLPfFFrKP9:Wys04p7XIqDFo8DJML3OdgawrFZKP

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  9be7421f5e453b075fe61fee3412935484e618b649bb1fec2ebf274ba26c1114
- Size
  
  128KB
- MD5
  
  7c1d665b7af0ee23397c073bb4f7c745
- SHA1
  
  e19b1d2e8e0798c15d5b59ab47b24e6ff0c9b855
- SHA256
  
  9be7421f5e453b075fe61fee3412935484e618b649bb1fec2ebf274ba26c1114
- SHA512
  
  ebbf6246beeedc79faf3dac668f91a8813153ee3e7a5e6d7e1936502fda154fea08ec0c9238d22cba5f36b023bb437826b876cb4312f7454a61989f364645c68
- SSDEEP
  
  3072:Wys0jEmOd7XIBzYDPFo0JDPxMeEvPOdgujv6NLPfFFrKP9:Wys04p7XIqDFo8DJML3OdgawrFZKP
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence