28220eccc7e06f72bc42a83b0b3b07d0448e76b70f0b606a85097eeb8b5db13e | Triage

Sharing

General

Target

28220eccc7e06f72bc42a83b0b3b07d0448e76b70f0b606a85097eeb8b5db13e
Size

96KB
Sample

240813-xy39lawdlr
MD5

8edc8f512a1cbce8245ef8a01da945c2
SHA1

bb2b2152b91aee417defb88fe3425929cc691edb
SHA256

28220eccc7e06f72bc42a83b0b3b07d0448e76b70f0b606a85097eeb8b5db13e
SHA512

7c9ebe1e24488cca14a5b4dd68a9902d4403e3242fc256485c3bb0878b4ddf567384e74d83b9588307634293e168fc4ef9f43ccbb1b2533fb44523be31023d81
SSDEEP

1536:YhknerT3Dj6uLOc+TFdelEjGM5rqzPR61ekrlvXOkUwaAjWbjtKBvU:Yqnev3/nCc+JdeGjGseR61bF+kNVwtCU

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  28220eccc7e06f72bc42a83b0b3b07d0448e76b70f0b606a85097eeb8b5db13e
- Size
  
  96KB
- MD5
  
  8edc8f512a1cbce8245ef8a01da945c2
- SHA1
  
  bb2b2152b91aee417defb88fe3425929cc691edb
- SHA256
  
  28220eccc7e06f72bc42a83b0b3b07d0448e76b70f0b606a85097eeb8b5db13e
- SHA512
  
  7c9ebe1e24488cca14a5b4dd68a9902d4403e3242fc256485c3bb0878b4ddf567384e74d83b9588307634293e168fc4ef9f43ccbb1b2533fb44523be31023d81
- SSDEEP
  
  1536:YhknerT3Dj6uLOc+TFdelEjGM5rqzPR61ekrlvXOkUwaAjWbjtKBvU:Yqnev3/nCc+JdeGjGseR61bF+kNVwtCU
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence