d4171df63bcb3fee2e332b6d03797f2e9c795f39b5ed1d8ff59e96d9620e3769 | Triage

Sharing

General

Target

b051556508b94ecba83a6f38c460ca00N.exe
Size

240KB
Sample

240820-3bpetaycre
MD5

b051556508b94ecba83a6f38c460ca00
SHA1

b7faa857e3316e9c22c96be0e60f0245ef091008
SHA256

d4171df63bcb3fee2e332b6d03797f2e9c795f39b5ed1d8ff59e96d9620e3769
SHA512

dbab29d4b1623b291c08c2b7d0d969c95c4677cd6e53aed1be684b1278e1be907d8f1fb03c9c45ca3f70cc2dc70160de2f1486ada4da7efcf94c1103eac03c59
SSDEEP

6144:PV79MkgGOwcRlwuVMG7Qik7jnutmtJNtB0tFToGyZ6YugQdjGG1wsKm6eBgdQbkL:jXeJ0HItmGyXu1jGG1wsGeBgRTGA

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b051556508b94ecba83a6f38c460ca00N.exe
- Size
  
  240KB
- MD5
  
  b051556508b94ecba83a6f38c460ca00
- SHA1
  
  b7faa857e3316e9c22c96be0e60f0245ef091008
- SHA256
  
  d4171df63bcb3fee2e332b6d03797f2e9c795f39b5ed1d8ff59e96d9620e3769
- SHA512
  
  dbab29d4b1623b291c08c2b7d0d969c95c4677cd6e53aed1be684b1278e1be907d8f1fb03c9c45ca3f70cc2dc70160de2f1486ada4da7efcf94c1103eac03c59
- SSDEEP
  
  6144:PV79MkgGOwcRlwuVMG7Qik7jnutmtJNtB0tFToGyZ6YugQdjGG1wsKm6eBgdQbkL:jXeJ0HItmGyXu1jGG1wsGeBgRTGA
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence