9820df332117b9c7a2f9959878315f9eb66e075ca2fca9c2645d93dac468a257 | Triage

Sharing

General

Target

d5e7465fd48854cf203fa05424ef6450N.exe
Size

259KB
Sample

240819-bhck2syerk
MD5

d5e7465fd48854cf203fa05424ef6450
SHA1

246ed95b1be8db246314ffbc64babc37f3dc7cb2
SHA256

9820df332117b9c7a2f9959878315f9eb66e075ca2fca9c2645d93dac468a257
SHA512

ed224e27d5392f57a88b3b1c80c9344f51f8bd2576921e19dbe0e9f6b09fafddab78a68188c37d0a5a7a97827040a8cef1a743c82d047db46dea509384f27bc6
SSDEEP

3072:BLhYbCHpqfimbJ9IDlRxyhTbhgu+tAcrzkAqSxYIhOmTsF93UYfwC6GIoutz5yLp:BLiWHofimbsDshsrYIcm4FmowdHoSa

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d5e7465fd48854cf203fa05424ef6450N.exe
- Size
  
  259KB
- MD5
  
  d5e7465fd48854cf203fa05424ef6450
- SHA1
  
  246ed95b1be8db246314ffbc64babc37f3dc7cb2
- SHA256
  
  9820df332117b9c7a2f9959878315f9eb66e075ca2fca9c2645d93dac468a257
- SHA512
  
  ed224e27d5392f57a88b3b1c80c9344f51f8bd2576921e19dbe0e9f6b09fafddab78a68188c37d0a5a7a97827040a8cef1a743c82d047db46dea509384f27bc6
- SSDEEP
  
  3072:BLhYbCHpqfimbJ9IDlRxyhTbhgu+tAcrzkAqSxYIhOmTsF93UYfwC6GIoutz5yLp:BLiWHofimbsDshsrYIcm4FmowdHoSa
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence