5f21bc0aa837654245ac464cd57f78fc843fbb47661788598527f13b479abd6a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45aab91a54f7336120c39e6f92641310N.exe
Size

188KB
Sample

240820-alfansxern
MD5

45aab91a54f7336120c39e6f92641310
SHA1

85afe8bf1d2f4eb2a263013242cfc31658aae7d6
SHA256

5f21bc0aa837654245ac464cd57f78fc843fbb47661788598527f13b479abd6a
SHA512

90cb9bcf27cd1632b934fd0b5c4d64ca0edf0a5ae685bb3f07b0962ca7afbb720f30c0e2a09c1f501079836f013806354968751de1fc395220be5193ec1c2d18
SSDEEP

3072:9BOgPfEDVTrEvco5J4vgfvUEp1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSKrDco:9BOVVEv1JJUEp1AelhEN4MujGJoSoDco

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  45aab91a54f7336120c39e6f92641310N.exe
- Size
  
  188KB
- MD5
  
  45aab91a54f7336120c39e6f92641310
- SHA1
  
  85afe8bf1d2f4eb2a263013242cfc31658aae7d6
- SHA256
  
  5f21bc0aa837654245ac464cd57f78fc843fbb47661788598527f13b479abd6a
- SHA512
  
  90cb9bcf27cd1632b934fd0b5c4d64ca0edf0a5ae685bb3f07b0962ca7afbb720f30c0e2a09c1f501079836f013806354968751de1fc395220be5193ec1c2d18
- SSDEEP
  
  3072:9BOgPfEDVTrEvco5J4vgfvUEp1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSKrDco:9BOVVEv1JJUEp1AelhEN4MujGJoSoDco
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence