06e403a67fc49be0d1f8784b4d82b3dbaf1fdae8575dcc93693d9210329bbf1b | Triage

Sharing

General

Target

b582ee115bf08a5f7df5eea09d9475f0N.exe
Size

96KB
Sample

240817-lh1yraydqd
MD5

b582ee115bf08a5f7df5eea09d9475f0
SHA1

209dfb0541dae6781ab100358e7a6a0db0cc581b
SHA256

06e403a67fc49be0d1f8784b4d82b3dbaf1fdae8575dcc93693d9210329bbf1b
SHA512

89826c3c009d49dba222a464f2197385d33dd9f7b966d38eb7551632aa1dd95a242403e9d8e06799b2338d1463dd8d198725032dc0f0d90fd8a1679d75ad58a3
SSDEEP

3072:dOsBUqdLJQnIRTf5cu2Zmjfo0WNhgPyq+Nr4d69jc0v:dOsBUqdLenKThcxmj0zHh4d6NV

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b582ee115bf08a5f7df5eea09d9475f0N.exe
- Size
  
  96KB
- MD5
  
  b582ee115bf08a5f7df5eea09d9475f0
- SHA1
  
  209dfb0541dae6781ab100358e7a6a0db0cc581b
- SHA256
  
  06e403a67fc49be0d1f8784b4d82b3dbaf1fdae8575dcc93693d9210329bbf1b
- SHA512
  
  89826c3c009d49dba222a464f2197385d33dd9f7b966d38eb7551632aa1dd95a242403e9d8e06799b2338d1463dd8d198725032dc0f0d90fd8a1679d75ad58a3
- SSDEEP
  
  3072:dOsBUqdLJQnIRTf5cu2Zmjfo0WNhgPyq+Nr4d69jc0v:dOsBUqdLenKThcxmj0zHh4d6NV
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence