a415b450c164d8db1163534bc9c56a981be9704ffc87846e7d875e4f1b198b6f | Triage

Sharing

General

Target

9e1b5e4d73bba0e88722ea04715f4170N.exe
Size

184KB
Sample

240819-xp6clavbpk
MD5

9e1b5e4d73bba0e88722ea04715f4170
SHA1

283ba31dc274d834d48a56bad49c23a6ce9ed402
SHA256

a415b450c164d8db1163534bc9c56a981be9704ffc87846e7d875e4f1b198b6f
SHA512

f84974823686235db2039803a52487ade3583918d336bba96a6daeee63763db17e50da4a135e575e747a047e787f987c6b2057b4ab63118f97415ef002557557
SSDEEP

3072:01NI3kodF0IEduDhWENn8sNrFlvnqnxiut:01Bo3AuDD88rFlPqnxiu

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  9e1b5e4d73bba0e88722ea04715f4170N.exe
- Size
  
  184KB
- MD5
  
  9e1b5e4d73bba0e88722ea04715f4170
- SHA1
  
  283ba31dc274d834d48a56bad49c23a6ce9ed402
- SHA256
  
  a415b450c164d8db1163534bc9c56a981be9704ffc87846e7d875e4f1b198b6f
- SHA512
  
  f84974823686235db2039803a52487ade3583918d336bba96a6daeee63763db17e50da4a135e575e747a047e787f987c6b2057b4ab63118f97415ef002557557
- SSDEEP
  
  3072:01NI3kodF0IEduDhWENn8sNrFlvnqnxiut:01Bo3AuDD88rFlPqnxiu
Score

8^/10

discovery persistence
- Sets service image path in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence