0be9aa8770e5e11a53f46fc4fb1c3ff64447824f42708256e9f3d04975468d07 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d11e213492cb3c5d5cd535702849ca0N.exe
Size

49KB
Sample

240817-fzkp7ssclq
MD5

3d11e213492cb3c5d5cd535702849ca0
SHA1

4aadb9786c92b199a100f182b7f24110bb1416dd
SHA256

0be9aa8770e5e11a53f46fc4fb1c3ff64447824f42708256e9f3d04975468d07
SHA512

755013456f1a68f912f9c7ad7fc5326abfa16d0f95b08ae127ae9652d87446d3a1e9b8be8dd0ad93fa3a75281a5e500a76a5c669984d2a67641a52d2c6f9808c
SSDEEP

768:E6ZEG4SKE/X6E/7jYrtSK8+saf51Pj6Q5q6dIAsq3Szw8nGfvBH1yM+h0m5z/1Hk:E6B43RE/a98+s+aAsa2he1Q0m5l6

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  3d11e213492cb3c5d5cd535702849ca0N.exe
- Size
  
  49KB
- MD5
  
  3d11e213492cb3c5d5cd535702849ca0
- SHA1
  
  4aadb9786c92b199a100f182b7f24110bb1416dd
- SHA256
  
  0be9aa8770e5e11a53f46fc4fb1c3ff64447824f42708256e9f3d04975468d07
- SHA512
  
  755013456f1a68f912f9c7ad7fc5326abfa16d0f95b08ae127ae9652d87446d3a1e9b8be8dd0ad93fa3a75281a5e500a76a5c669984d2a67641a52d2c6f9808c
- SSDEEP
  
  768:E6ZEG4SKE/X6E/7jYrtSK8+saf51Pj6Q5q6dIAsq3Szw8nGfvBH1yM+h0m5z/1Hk:E6B43RE/a98+s+aAsa2he1Q0m5l6
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence