70af90330c0f1e59697755f6833816c7dc3addd74082a21db5458fd54407ad36 | Triage

Sharing

General

Target

70af90330c0f1e59697755f6833816c7dc3addd74082a21db5458fd54407ad36
Size

80KB
Sample

240818-14rdrs1alq
MD5

1fc627565ad68ea9303ce9cf1cd95d00
SHA1

d2e517cf56ddee8e645bf8b24720f09de51e44ad
SHA256

70af90330c0f1e59697755f6833816c7dc3addd74082a21db5458fd54407ad36
SHA512

4d3f785937ed7bd727153caa980e25eeb5d4f7d3276b81754f52f964dc7c4a170a8576d1539a308440e8e0d71cbac1ed6fafd23c0e8b08b56c2f1b59529b16b0
SSDEEP

1536:YqQdo6bY5yyck1BvX6XaUddx8upeuA5YMkhohBE8VGh:YtBYY7KXj6dOeeusUAEQGh

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  70af90330c0f1e59697755f6833816c7dc3addd74082a21db5458fd54407ad36
- Size
  
  80KB
- MD5
  
  1fc627565ad68ea9303ce9cf1cd95d00
- SHA1
  
  d2e517cf56ddee8e645bf8b24720f09de51e44ad
- SHA256
  
  70af90330c0f1e59697755f6833816c7dc3addd74082a21db5458fd54407ad36
- SHA512
  
  4d3f785937ed7bd727153caa980e25eeb5d4f7d3276b81754f52f964dc7c4a170a8576d1539a308440e8e0d71cbac1ed6fafd23c0e8b08b56c2f1b59529b16b0
- SSDEEP
  
  1536:YqQdo6bY5yyck1BvX6XaUddx8upeuA5YMkhohBE8VGh:YtBYY7KXj6dOeeusUAEQGh
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence