5bace55a05212ca13ede42462503174a1018a831ccefef7a17a71ced17093fac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6ce3123391dd9fad0020e161cf6c400N.exe
Size

465KB
Sample

240817-an666szbkm
MD5

f6ce3123391dd9fad0020e161cf6c400
SHA1

9bdf03d5b2197cc9557bd8deda048454a38b364b
SHA256

5bace55a05212ca13ede42462503174a1018a831ccefef7a17a71ced17093fac
SHA512

32252ef2a8f7a7522f9427619e4569581c684f4fe9969a417540e930664fd6717b03ca0814c664ff3e7f85aee0294a020d57a68536e8404f523fce95d0628d79
SSDEEP

6144:sTb4staJPQ///NR5fKr2n0MO3LPlkUCmVs5bPQ///NR5frdQt383PQ///NR5fKr0:sT8I/Ng1/Nmr/Ng1/NSf

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  f6ce3123391dd9fad0020e161cf6c400N.exe
- Size
  
  465KB
- MD5
  
  f6ce3123391dd9fad0020e161cf6c400
- SHA1
  
  9bdf03d5b2197cc9557bd8deda048454a38b364b
- SHA256
  
  5bace55a05212ca13ede42462503174a1018a831ccefef7a17a71ced17093fac
- SHA512
  
  32252ef2a8f7a7522f9427619e4569581c684f4fe9969a417540e930664fd6717b03ca0814c664ff3e7f85aee0294a020d57a68536e8404f523fce95d0628d79
- SSDEEP
  
  6144:sTb4staJPQ///NR5fKr2n0MO3LPlkUCmVs5bPQ///NR5frdQt383PQ///NR5fKr0:sT8I/Ng1/Nmr/Ng1/NSf
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence