d98115624e3df3d971822a9c6a5de6afc826bc333882ca60d539c618ef59005e | Triage

Sharing

General

Target

f3b4c30eb834f5f52d4dbafa94a0a500N.exe
Size

415KB
Sample

240814-sbvlqatbmq
MD5

f3b4c30eb834f5f52d4dbafa94a0a500
SHA1

620b0a2a563fa6276e39d6e3569e4df2341fc59b
SHA256

d98115624e3df3d971822a9c6a5de6afc826bc333882ca60d539c618ef59005e
SHA512

3e3f129a1316af9edf0cb45897d1a726606dae78285a24a621d69c7234a4e978e7e594a274d96b4116a97e32f75a78b9b548041b3dbb80ffeb13d6a22f1135e0
SSDEEP

12288:NFk8oWj7NtInBBBBBBBBBBBBBBBBBBBBBBBBB0kfBBBBBBBBBBBBBBBBBBBBBBBh:rklp

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  f3b4c30eb834f5f52d4dbafa94a0a500N.exe
- Size
  
  415KB
- MD5
  
  f3b4c30eb834f5f52d4dbafa94a0a500
- SHA1
  
  620b0a2a563fa6276e39d6e3569e4df2341fc59b
- SHA256
  
  d98115624e3df3d971822a9c6a5de6afc826bc333882ca60d539c618ef59005e
- SHA512
  
  3e3f129a1316af9edf0cb45897d1a726606dae78285a24a621d69c7234a4e978e7e594a274d96b4116a97e32f75a78b9b548041b3dbb80ffeb13d6a22f1135e0
- SSDEEP
  
  12288:NFk8oWj7NtInBBBBBBBBBBBBBBBBBBBBBBBBB0kfBBBBBBBBBBBBBBBBBBBBBBBh:rklp
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence