7857c554b83b3af2f6fef2e027a7c0f79ac8c881ca545edf93e6a94db3cac9b3 | Triage

Sharing

General

Target

d18203a3fe4546104d92362c1c4e7b80N.exe
Size

327KB
Sample

240818-3zfskssclb
MD5

d18203a3fe4546104d92362c1c4e7b80
SHA1

bb6433e633b88b929bbe9672c79cfd9924bf8018
SHA256

7857c554b83b3af2f6fef2e027a7c0f79ac8c881ca545edf93e6a94db3cac9b3
SHA512

742bf9f0cbdb7e6b0613893b22a2560126f4e140f7a0671c857a26308f4c7dc7f102f07e15d01f10550ede094334af0cc44acbe0a01c67f07d1195e578433656
SSDEEP

3072:hRKpW+/Yed7oxxb4dfieE3nCEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEESLjb5m0z:haL/bBaq9E3Jj0+r+Mds9BY

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d18203a3fe4546104d92362c1c4e7b80N.exe
- Size
  
  327KB
- MD5
  
  d18203a3fe4546104d92362c1c4e7b80
- SHA1
  
  bb6433e633b88b929bbe9672c79cfd9924bf8018
- SHA256
  
  7857c554b83b3af2f6fef2e027a7c0f79ac8c881ca545edf93e6a94db3cac9b3
- SHA512
  
  742bf9f0cbdb7e6b0613893b22a2560126f4e140f7a0671c857a26308f4c7dc7f102f07e15d01f10550ede094334af0cc44acbe0a01c67f07d1195e578433656
- SSDEEP
  
  3072:hRKpW+/Yed7oxxb4dfieE3nCEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEESLjb5m0z:haL/bBaq9E3Jj0+r+Mds9BY
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence