54f42fec0d1a79292eadd7616e5f0065ac198b6b8c0cda3d6b2fadae99da950e | Triage

Sharing

General

Target

54f42fec0d1a79292eadd7616e5f0065ac198b6b8c0cda3d6b2fadae99da950e
Size

896KB
Sample

240813-zgf4vazclp
MD5

93f465d96d373fd4b54235d095028f6e
SHA1

aa6a7d8fb07406cfb36b4d4b75727378e5e95b54
SHA256

54f42fec0d1a79292eadd7616e5f0065ac198b6b8c0cda3d6b2fadae99da950e
SHA512

ccb2a30a94c717436c70656ddf1c43965bf638dd329abf060a8c024670cdc33a0db697d6c80aaf408dd98d82e0c7503dbfaba31ff01ca0cce1b90ee42bf64ca7
SSDEEP

12288:Ht1qWX+PdByvNv54B9f01ZmHByvNv5VwLonfBHLqF1Nw5ILonfByvNv5HV:H+uvr4B9f01ZmQvrUENOVvr1

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  54f42fec0d1a79292eadd7616e5f0065ac198b6b8c0cda3d6b2fadae99da950e
- Size
  
  896KB
- MD5
  
  93f465d96d373fd4b54235d095028f6e
- SHA1
  
  aa6a7d8fb07406cfb36b4d4b75727378e5e95b54
- SHA256
  
  54f42fec0d1a79292eadd7616e5f0065ac198b6b8c0cda3d6b2fadae99da950e
- SHA512
  
  ccb2a30a94c717436c70656ddf1c43965bf638dd329abf060a8c024670cdc33a0db697d6c80aaf408dd98d82e0c7503dbfaba31ff01ca0cce1b90ee42bf64ca7
- SSDEEP
  
  12288:Ht1qWX+PdByvNv54B9f01ZmHByvNv5VwLonfBHLqF1Nw5ILonfByvNv5HV:H+uvr4B9f01ZmQvrUENOVvr1
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence