20f7fa24d5144ddf32dfe7a792b30116f06da4443211aeb8162da8891c903a45 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20f7fa24d5144ddf32dfe7a792b30116f06da4443211aeb8162da8891c903a45
Size

182KB
Sample

240818-x3nppstapj
MD5

c09de1f62011c4d7e41ac9ec54cdac1b
SHA1

8e26a1a4121f261e0ff4deea9bdf5ceac6de8b0c
SHA256

20f7fa24d5144ddf32dfe7a792b30116f06da4443211aeb8162da8891c903a45
SHA512

3ceeb1a5e0d56a7519900469f6511a307e3197704b778b2499ba748be1902482986cb26980a19e10e2dc8112c22f8b1f03ca22558443eba3e6843c4e6fcf92d3
SSDEEP

3072:fxFmnqVNnPDKTUqyyyy452dF7nguPnVgA53+GpOc:f2nSNnPDKTUd2fEiV6GpOc

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  20f7fa24d5144ddf32dfe7a792b30116f06da4443211aeb8162da8891c903a45
- Size
  
  182KB
- MD5
  
  c09de1f62011c4d7e41ac9ec54cdac1b
- SHA1
  
  8e26a1a4121f261e0ff4deea9bdf5ceac6de8b0c
- SHA256
  
  20f7fa24d5144ddf32dfe7a792b30116f06da4443211aeb8162da8891c903a45
- SHA512
  
  3ceeb1a5e0d56a7519900469f6511a307e3197704b778b2499ba748be1902482986cb26980a19e10e2dc8112c22f8b1f03ca22558443eba3e6843c4e6fcf92d3
- SSDEEP
  
  3072:fxFmnqVNnPDKTUqyyyy452dF7nguPnVgA53+GpOc:f2nSNnPDKTUd2fEiV6GpOc
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence