f20d6809612a121e02044da0d4b53d45be0789cc7731cb7d783b81ef2f337994 | Triage

Sharing

General

Target

bc1614d2343c7e113f4af5d094887db0N.exe
Size

273KB
Sample

240819-syx1cswbmp
MD5

bc1614d2343c7e113f4af5d094887db0
SHA1

3685d615a9a05f479eed7bfae134583920f93d6b
SHA256

f20d6809612a121e02044da0d4b53d45be0789cc7731cb7d783b81ef2f337994
SHA512

59524894ec90e60e52f5c8172794a1ad2a99776201ed67f3e2e2fff7a6715aa8936dfe1a4160702a8d5a70b9f575930ea577dcae5339b8aaf15798e123a70232
SSDEEP

6144:P0fl21z7tl4cibfvlsZRkTebwBhGv4dC+1R8pvBgL0eXkUbGKl9veOPSV3uo97fq:cfuK

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  bc1614d2343c7e113f4af5d094887db0N.exe
- Size
  
  273KB
- MD5
  
  bc1614d2343c7e113f4af5d094887db0
- SHA1
  
  3685d615a9a05f479eed7bfae134583920f93d6b
- SHA256
  
  f20d6809612a121e02044da0d4b53d45be0789cc7731cb7d783b81ef2f337994
- SHA512
  
  59524894ec90e60e52f5c8172794a1ad2a99776201ed67f3e2e2fff7a6715aa8936dfe1a4160702a8d5a70b9f575930ea577dcae5339b8aaf15798e123a70232
- SSDEEP
  
  6144:P0fl21z7tl4cibfvlsZRkTebwBhGv4dC+1R8pvBgL0eXkUbGKl9veOPSV3uo97fq:cfuK
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence