add68d09a602f67108a6f562434e7e2cd65ebb1c3ce162eac95ea77709d8d577 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4bbf4055742e60b585f88d7d87b16730N.exe
Size

378KB
Sample

240818-j6sk6svalb
MD5

4bbf4055742e60b585f88d7d87b16730
SHA1

151704760cc2a109c9b5a50553a4c39d634cb76a
SHA256

add68d09a602f67108a6f562434e7e2cd65ebb1c3ce162eac95ea77709d8d577
SHA512

7821b3e6e2e23751289d23f7b908115eef823222c2ffd5d51096cce2238d461af4691cc2706169db7ac6a43736a510eeab5fe3f5299b9a3010beda6a7beb8468
SSDEEP

6144:NBL7hprtMsQBma/atn9pG4l+0K76zHTgb8ecFeK8TJ4u392vVAMR4/5V0lLn+Cwa:NpRMsEat9pG4l+0K7WHT91M52vVAMq5U

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  4bbf4055742e60b585f88d7d87b16730N.exe
- Size
  
  378KB
- MD5
  
  4bbf4055742e60b585f88d7d87b16730
- SHA1
  
  151704760cc2a109c9b5a50553a4c39d634cb76a
- SHA256
  
  add68d09a602f67108a6f562434e7e2cd65ebb1c3ce162eac95ea77709d8d577
- SHA512
  
  7821b3e6e2e23751289d23f7b908115eef823222c2ffd5d51096cce2238d461af4691cc2706169db7ac6a43736a510eeab5fe3f5299b9a3010beda6a7beb8468
- SSDEEP
  
  6144:NBL7hprtMsQBma/atn9pG4l+0K76zHTgb8ecFeK8TJ4u392vVAMR4/5V0lLn+Cwa:NpRMsEat9pG4l+0K7WHT91M52vVAMq5U
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence