1d59bc99546149ce458d0b066df1ad35bc70b17f8000cd3bde6387bfa316162a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1d59bc99546149ce458d0b066df1ad35bc70b17f8000cd3bde6387bfa316162a
Size

104KB
Sample

240811-xy1tgaxhpb
MD5

6d387a73da5e70e2bd108f09956f4717
SHA1

3402e0445a9a382e47447808fa76ea79e10d0f57
SHA256

1d59bc99546149ce458d0b066df1ad35bc70b17f8000cd3bde6387bfa316162a
SHA512

ed4d8155cf2bec0a88931d37a630a136f512150c8f7c25ac525e9aa7e0819219a4a1d56f9b742ec68101698fd42ea99ac2338b0745702d031a00f733c815dd99
SSDEEP

3072:nP2m3Qi3Xb7ce5Bx7cEGrhkngpDvchkqbAIQS:FQiXX5Bx4brq2Ahn

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  1d59bc99546149ce458d0b066df1ad35bc70b17f8000cd3bde6387bfa316162a
- Size
  
  104KB
- MD5
  
  6d387a73da5e70e2bd108f09956f4717
- SHA1
  
  3402e0445a9a382e47447808fa76ea79e10d0f57
- SHA256
  
  1d59bc99546149ce458d0b066df1ad35bc70b17f8000cd3bde6387bfa316162a
- SHA512
  
  ed4d8155cf2bec0a88931d37a630a136f512150c8f7c25ac525e9aa7e0819219a4a1d56f9b742ec68101698fd42ea99ac2338b0745702d031a00f733c815dd99
- SSDEEP
  
  3072:nP2m3Qi3Xb7ce5Bx7cEGrhkngpDvchkqbAIQS:FQiXX5Bx4brq2Ahn
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence