c104d3885f5714744be82e95ed0d9db62aafa82d6024f94fdb5382e671845327 | Triage

Sharing

General

Target

67335e3230c5e651d22ffe07e1130ae0N.exe
Size

160KB
Sample

240819-pqzbnstglf
MD5

67335e3230c5e651d22ffe07e1130ae0
SHA1

e5da6cc88763084709b5b352b3a43dfc39786b91
SHA256

c104d3885f5714744be82e95ed0d9db62aafa82d6024f94fdb5382e671845327
SHA512

93f87f804a84d941dc4d3da8587599d447a1d062eaf4e1aa5ec736ae54dec905ffc9abd2ce15da602794ab724dcc4fe333b134c3e47c91f84500ffeafabb3da6
SSDEEP

3072:qtgBli821VMJCvS5DSCopsIm81+jq2832dp5Xp+7+10K03Rq/gho:qaBli8IMovSZSCZj81+jq4peBK034Y+

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  67335e3230c5e651d22ffe07e1130ae0N.exe
- Size
  
  160KB
- MD5
  
  67335e3230c5e651d22ffe07e1130ae0
- SHA1
  
  e5da6cc88763084709b5b352b3a43dfc39786b91
- SHA256
  
  c104d3885f5714744be82e95ed0d9db62aafa82d6024f94fdb5382e671845327
- SHA512
  
  93f87f804a84d941dc4d3da8587599d447a1d062eaf4e1aa5ec736ae54dec905ffc9abd2ce15da602794ab724dcc4fe333b134c3e47c91f84500ffeafabb3da6
- SSDEEP
  
  3072:qtgBli821VMJCvS5DSCopsIm81+jq2832dp5Xp+7+10K03Rq/gho:qaBli8IMovSZSCZj81+jq4peBK034Y+
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence