efb8ad0225b2295a210d39d18f750e6e1068dfc51c0f6b4f31f0a45c3b9a8432 | Triage

Sharing

General

Target

efb8ad0225b2295a210d39d18f750e6e1068dfc51c0f6b4f31f0a45c3b9a8432
Size

60KB
Sample

240811-ekpj6syapg
MD5

ba23f0ebdb9b10bd25ffeaff2e377188
SHA1

20d8a61085be40ccc3a2a6e633b634fc823045f4
SHA256

efb8ad0225b2295a210d39d18f750e6e1068dfc51c0f6b4f31f0a45c3b9a8432
SHA512

40cf1302836924aa4fcea42adefb9edf5697683d15a9e236d7d7c408421b999403d11649a87ab21250b3642f43f0eb90512a0ca110bc996a74f7d6a4983619b3
SSDEEP

1536:D2RHb74MBX55IvVjhFc2fYkG3uGU/DgVGB86l1rs:0pb5I9jhFJBUVGB86l1rs

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  efb8ad0225b2295a210d39d18f750e6e1068dfc51c0f6b4f31f0a45c3b9a8432
- Size
  
  60KB
- MD5
  
  ba23f0ebdb9b10bd25ffeaff2e377188
- SHA1
  
  20d8a61085be40ccc3a2a6e633b634fc823045f4
- SHA256
  
  efb8ad0225b2295a210d39d18f750e6e1068dfc51c0f6b4f31f0a45c3b9a8432
- SHA512
  
  40cf1302836924aa4fcea42adefb9edf5697683d15a9e236d7d7c408421b999403d11649a87ab21250b3642f43f0eb90512a0ca110bc996a74f7d6a4983619b3
- SSDEEP
  
  1536:D2RHb74MBX55IvVjhFc2fYkG3uGU/DgVGB86l1rs:0pb5I9jhFJBUVGB86l1rs
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence