3ed0d6d94adb0b335ae5485226df17c2e0707da19354924d2d55b8536c25dd86 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ed0d6d94adb0b335ae5485226df17c2e0707da19354924d2d55b8536c25dd86
Size

385KB
Sample

240817-z4pphazeql
MD5

ec82d2add8cfd75830de70c9165bec63
SHA1

cc1e3815b1938f56ed56fe6ef17bae6b84a95e85
SHA256

3ed0d6d94adb0b335ae5485226df17c2e0707da19354924d2d55b8536c25dd86
SHA512

d29a2a32e129c7463087bb57d8438f159753ed724913f5bb97e188e29b1663f3421d46bf0cdc14084aa4b824de61bc2f2ac312369c68a6f4fc3b6f82aff8e8db
SSDEEP

12288:D4Ea8sy59SLWy5jy59SL3y59Ey59SLAy59SLZy5iy59SL:D43hy7oWypy7o3y7Ey7oAy7oZyUy7o

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  3ed0d6d94adb0b335ae5485226df17c2e0707da19354924d2d55b8536c25dd86
- Size
  
  385KB
- MD5
  
  ec82d2add8cfd75830de70c9165bec63
- SHA1
  
  cc1e3815b1938f56ed56fe6ef17bae6b84a95e85
- SHA256
  
  3ed0d6d94adb0b335ae5485226df17c2e0707da19354924d2d55b8536c25dd86
- SHA512
  
  d29a2a32e129c7463087bb57d8438f159753ed724913f5bb97e188e29b1663f3421d46bf0cdc14084aa4b824de61bc2f2ac312369c68a6f4fc3b6f82aff8e8db
- SSDEEP
  
  12288:D4Ea8sy59SLWy5jy59SL3y59Ey59SLAy59SLZy5iy59SL:D43hy7oWypy7o3y7Ey7oAy7oZyUy7o
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence