b5978d0b580c17c1a408ff2082d4e221142636d6fd4f82c0b29692661c102545 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5978d0b580c17c1a408ff2082d4e221142636d6fd4f82c0b29692661c102545
Size

128KB
Sample

240817-epq9kazbjr
MD5

d119046e69ba959c3dab81e35da6376b
SHA1

eb60d9b5faedf23808faeb3530ce40b71a88d44d
SHA256

b5978d0b580c17c1a408ff2082d4e221142636d6fd4f82c0b29692661c102545
SHA512

8e2d73a87d9a7a83d28d3c7b30a6c52c640e8bf8cf09823c8c6b8c961b1ebbe82766bb88e9ba8d7a040b5c622d07f80d7259441833d2687f918b27bd129b40e5
SSDEEP

1536:a+Iycbbsjz4Hu5mGT5tIgwN+I75WaBtFQoXa+dJnEBctOPpB:aLycE4O5D9tISI7Ya3FQo7fnEBctcp

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b5978d0b580c17c1a408ff2082d4e221142636d6fd4f82c0b29692661c102545
- Size
  
  128KB
- MD5
  
  d119046e69ba959c3dab81e35da6376b
- SHA1
  
  eb60d9b5faedf23808faeb3530ce40b71a88d44d
- SHA256
  
  b5978d0b580c17c1a408ff2082d4e221142636d6fd4f82c0b29692661c102545
- SHA512
  
  8e2d73a87d9a7a83d28d3c7b30a6c52c640e8bf8cf09823c8c6b8c961b1ebbe82766bb88e9ba8d7a040b5c622d07f80d7259441833d2687f918b27bd129b40e5
- SSDEEP
  
  1536:a+Iycbbsjz4Hu5mGT5tIgwN+I75WaBtFQoXa+dJnEBctOPpB:aLycE4O5D9tISI7Ya3FQo7fnEBctcp
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence