5b4ded4ec348e05ddad25fdac8292684fc9faf0eb76a6062f8df5ccb227cbc8b | Triage

Sharing

General

Target

5b4ded4ec348e05ddad25fdac8292684fc9faf0eb76a6062f8df5ccb227cbc8b
Size

144KB
Sample

240817-2ps5gs1gkd
MD5

cb75f2facf2dde70d5542c26277231ec
SHA1

0066b5715c12f2e02242352b52dcb5471780128a
SHA256

5b4ded4ec348e05ddad25fdac8292684fc9faf0eb76a6062f8df5ccb227cbc8b
SHA512

eb4b3f694210a793c908cb7463fc5d1c76fb37dc36d45fbc22347c650d3bd042472d6cfa530cb07cc64f5d05bfd2b4a2d40a5a1c0673a4fc3de53ee3c1e5d8e9
SSDEEP

3072:cNPSiG8ZitIBq+dv6eP6pHhJzdH13+EE+RaZ6r+GDZnBcV8:cRSZtJ+J6eP6pHhJzd5IF6rfBBcV8

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  5b4ded4ec348e05ddad25fdac8292684fc9faf0eb76a6062f8df5ccb227cbc8b
- Size
  
  144KB
- MD5
  
  cb75f2facf2dde70d5542c26277231ec
- SHA1
  
  0066b5715c12f2e02242352b52dcb5471780128a
- SHA256
  
  5b4ded4ec348e05ddad25fdac8292684fc9faf0eb76a6062f8df5ccb227cbc8b
- SHA512
  
  eb4b3f694210a793c908cb7463fc5d1c76fb37dc36d45fbc22347c650d3bd042472d6cfa530cb07cc64f5d05bfd2b4a2d40a5a1c0673a4fc3de53ee3c1e5d8e9
- SSDEEP
  
  3072:cNPSiG8ZitIBq+dv6eP6pHhJzdH13+EE+RaZ6r+GDZnBcV8:cRSZtJ+J6eP6pHhJzd5IF6rfBBcV8
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence