f954a2a2a031b5dbe2cd09bcf6ec9cf22dc40a465f77bec59a494bd72445eab6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af1873b786da4aaafc67ad38409b0380N.exe
Size

82KB
Sample

240818-qaqj9sxcqn
MD5

af1873b786da4aaafc67ad38409b0380
SHA1

29c52bfa22d9ad92f5b96176f0ecdb2de212424e
SHA256

f954a2a2a031b5dbe2cd09bcf6ec9cf22dc40a465f77bec59a494bd72445eab6
SHA512

d6e5bfa84bd7fe1142c4791460291847623656ad6fe5438397d1d5cd6629c0af17f89a8f17e86bb42469c7c461376e8b979d3ae4c47e7ec13ed031afd04561b4
SSDEEP

1536:wKvgtUcOohSthhjcmIPL8PJKC+sz0F7896bFeCk2L7Q2Ipm6+wDSmQFN6TiN1sJx:HvgtUjMoWacbAC9E2Ipm6tm7N6TO1SpD

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  af1873b786da4aaafc67ad38409b0380N.exe
- Size
  
  82KB
- MD5
  
  af1873b786da4aaafc67ad38409b0380
- SHA1
  
  29c52bfa22d9ad92f5b96176f0ecdb2de212424e
- SHA256
  
  f954a2a2a031b5dbe2cd09bcf6ec9cf22dc40a465f77bec59a494bd72445eab6
- SHA512
  
  d6e5bfa84bd7fe1142c4791460291847623656ad6fe5438397d1d5cd6629c0af17f89a8f17e86bb42469c7c461376e8b979d3ae4c47e7ec13ed031afd04561b4
- SSDEEP
  
  1536:wKvgtUcOohSthhjcmIPL8PJKC+sz0F7896bFeCk2L7Q2Ipm6+wDSmQFN6TiN1sJx:HvgtUjMoWacbAC9E2Ipm6tm7N6TO1SpD
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence