3fe79a63421343015d1b00fc5bc0f2dc9bb388770ddc6ef4c2152852e04c42a3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fe79a63421343015d1b00fc5bc0f2dc9bb388770ddc6ef4c2152852e04c42a3
Size

896KB
Sample

240816-1mfkyayfrh
MD5

be35e94dbd8e05a894f1d9209a61e8e6
SHA1

2dff2835cfcb2ef2943dd3ff8f28895913fce446
SHA256

3fe79a63421343015d1b00fc5bc0f2dc9bb388770ddc6ef4c2152852e04c42a3
SHA512

32cbbd9a4553072d5f1426b9f89e55c58ab1500206db4d8dde1316000ed62a737450a380ef9dc573e9ae4c0da772e75dda3c56410bf2de72ce50b1449da892c6
SSDEEP

24576:IIKTRTGryZ5d9TRTGryaITRTGryZ5d9TRTGryeLTRTGryZ5d9TRTGryaITRTGryb:M9bD99wI9bD99e9bD99wI9bD99

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  3fe79a63421343015d1b00fc5bc0f2dc9bb388770ddc6ef4c2152852e04c42a3
- Size
  
  896KB
- MD5
  
  be35e94dbd8e05a894f1d9209a61e8e6
- SHA1
  
  2dff2835cfcb2ef2943dd3ff8f28895913fce446
- SHA256
  
  3fe79a63421343015d1b00fc5bc0f2dc9bb388770ddc6ef4c2152852e04c42a3
- SHA512
  
  32cbbd9a4553072d5f1426b9f89e55c58ab1500206db4d8dde1316000ed62a737450a380ef9dc573e9ae4c0da772e75dda3c56410bf2de72ce50b1449da892c6
- SSDEEP
  
  24576:IIKTRTGryZ5d9TRTGryaITRTGryZ5d9TRTGryeLTRTGryZ5d9TRTGryaITRTGryb:M9bD99wI9bD99e9bD99wI9bD99
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence