e48227f66de6e6e681311da8cf4f9b4aeaadb702876bb24455b0c85105d04496 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e48227f66de6e6e681311da8cf4f9b4aeaadb702876bb24455b0c85105d04496
Size

461KB
Sample

240811-d3vngatanr
MD5

ba4f637b4e3dc4af8bfe7b8cd69706c1
SHA1

af294e9bcd5612c32a3af671808a052ba7b5e096
SHA256

e48227f66de6e6e681311da8cf4f9b4aeaadb702876bb24455b0c85105d04496
SHA512

9ac937b27a19d78c3cb2f3568419da80feefa8cc8f583d0b3837ef988003947344b7ca7bcf956bced9c328b0ca90aeee31f685ee498c861c55ebf9f15636581b
SSDEEP

6144:1gPWQsxg8NQDVi3ULUgNQPi3UPUgNQViEUjUgN:K1sniUJ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  e48227f66de6e6e681311da8cf4f9b4aeaadb702876bb24455b0c85105d04496
- Size
  
  461KB
- MD5
  
  ba4f637b4e3dc4af8bfe7b8cd69706c1
- SHA1
  
  af294e9bcd5612c32a3af671808a052ba7b5e096
- SHA256
  
  e48227f66de6e6e681311da8cf4f9b4aeaadb702876bb24455b0c85105d04496
- SHA512
  
  9ac937b27a19d78c3cb2f3568419da80feefa8cc8f583d0b3837ef988003947344b7ca7bcf956bced9c328b0ca90aeee31f685ee498c861c55ebf9f15636581b
- SSDEEP
  
  6144:1gPWQsxg8NQDVi3ULUgNQPi3UPUgNQViEUjUgN:K1sniUJ
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence