b9bf2abfe0a730ea8f9b7341bd8d0cc6cf69055931849d5b49e76e697b7f279e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9bf2abfe0a730ea8f9b7341bd8d0cc6cf69055931849d5b49e76e697b7f279e
Size

280KB
Sample

240819-a9wmkayapq
MD5

71e975181809196ca78e2bd30ab34733
SHA1

cd03d75447bd90acc74fb6bacf5ba576d8a61235
SHA256

b9bf2abfe0a730ea8f9b7341bd8d0cc6cf69055931849d5b49e76e697b7f279e
SHA512

0feb77f39ee06e8cc5e443eccff738062ee6c6c183bfb4971d9a8027bdba42893a39d259724232e7d524ed62608d259e29ec7ef64f048d42645ef9cc0c5c49cd
SSDEEP

6144:8e7s++MYi/GOORjMmRUoooooooooooooooooooooooooy/G3:8eKi//OVLCooooooooooooooooooooo9

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b9bf2abfe0a730ea8f9b7341bd8d0cc6cf69055931849d5b49e76e697b7f279e
- Size
  
  280KB
- MD5
  
  71e975181809196ca78e2bd30ab34733
- SHA1
  
  cd03d75447bd90acc74fb6bacf5ba576d8a61235
- SHA256
  
  b9bf2abfe0a730ea8f9b7341bd8d0cc6cf69055931849d5b49e76e697b7f279e
- SHA512
  
  0feb77f39ee06e8cc5e443eccff738062ee6c6c183bfb4971d9a8027bdba42893a39d259724232e7d524ed62608d259e29ec7ef64f048d42645ef9cc0c5c49cd
- SSDEEP
  
  6144:8e7s++MYi/GOORjMmRUoooooooooooooooooooooooooy/G3:8eKi//OVLCooooooooooooooooooooo9
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence