e1ccf4ad2d542a06e7cca4558e58b1a568205b9a891ddd07173d4461178df9fd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4836928cce3deb9cf60fafe53e5a8e70N.exe
Size

69KB
Sample

240818-ts5cxsvhjl
MD5

4836928cce3deb9cf60fafe53e5a8e70
SHA1

4f2baa401e5b181f9e25a67d6c8f6ce80fb73179
SHA256

e1ccf4ad2d542a06e7cca4558e58b1a568205b9a891ddd07173d4461178df9fd
SHA512

2a5fab82c0ddf759d8a0b7ad16a557428b1d0ffffd33e5a4de1d66899c32f665ea8d0138b47bb4ff845d35a98ee7a12a3c6fb2dec018535e0b2af49a5a02264d
SSDEEP

1536:nQjgkZiqp9T002hQo9WNein/GFZCeDAyY:QggmWNFn/GFZC1yY

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  4836928cce3deb9cf60fafe53e5a8e70N.exe
- Size
  
  69KB
- MD5
  
  4836928cce3deb9cf60fafe53e5a8e70
- SHA1
  
  4f2baa401e5b181f9e25a67d6c8f6ce80fb73179
- SHA256
  
  e1ccf4ad2d542a06e7cca4558e58b1a568205b9a891ddd07173d4461178df9fd
- SHA512
  
  2a5fab82c0ddf759d8a0b7ad16a557428b1d0ffffd33e5a4de1d66899c32f665ea8d0138b47bb4ff845d35a98ee7a12a3c6fb2dec018535e0b2af49a5a02264d
- SSDEEP
  
  1536:nQjgkZiqp9T002hQo9WNein/GFZCeDAyY:QggmWNFn/GFZC1yY
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence