4cfafb9f2cb81deadad8d4e3fc2d0e2b3b94710c5c097681eab7c1513bdc3398 | Triage

Sharing

General

Target

0dd98ac9b2506c3943b338474220f140N.exe
Size

89KB
Sample

240817-t5dqqsvhme
MD5

0dd98ac9b2506c3943b338474220f140
SHA1

c08e73702e5fb3c235822832f690f684a882aeac
SHA256

4cfafb9f2cb81deadad8d4e3fc2d0e2b3b94710c5c097681eab7c1513bdc3398
SHA512

2dd956068e8492ec3ebb3a5b14f09bdc5492a463a34e82c3bdcdc62c9e5539b557f083a8b557773b32fd62f11e3c2eb5abc4a0cfc88cf4e78437625963da233c
SSDEEP

1536:QKM5Q4jCCQAGr9L5d2VAL6K2cV6A5XxSyxTTwcABlExkg8F:a5QpCQAs9LaVAGKVoAnZMcOlakgw

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0dd98ac9b2506c3943b338474220f140N.exe
- Size
  
  89KB
- MD5
  
  0dd98ac9b2506c3943b338474220f140
- SHA1
  
  c08e73702e5fb3c235822832f690f684a882aeac
- SHA256
  
  4cfafb9f2cb81deadad8d4e3fc2d0e2b3b94710c5c097681eab7c1513bdc3398
- SHA512
  
  2dd956068e8492ec3ebb3a5b14f09bdc5492a463a34e82c3bdcdc62c9e5539b557f083a8b557773b32fd62f11e3c2eb5abc4a0cfc88cf4e78437625963da233c
- SSDEEP
  
  1536:QKM5Q4jCCQAGr9L5d2VAL6K2cV6A5XxSyxTTwcABlExkg8F:a5QpCQAs9LaVAGKVoAnZMcOlakgw
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence