63acefba6dbe5544b7f0ff8ea6b1d871926a68d1e7c9f9428327e08645ac5f3f | Triage

Sharing

General

Target

d060d3bb845fcddecb92e24b93093db0N.exe
Size

448KB
Sample

240820-lz4qzavhqh
MD5

d060d3bb845fcddecb92e24b93093db0
SHA1

a93731e706236bfc4ebcad65be68a97fe1422a4e
SHA256

63acefba6dbe5544b7f0ff8ea6b1d871926a68d1e7c9f9428327e08645ac5f3f
SHA512

b53c56fe547bbd59b07783d311d688545a165d18f7f4016be842230027277f0a2078b7cbc8a7c539d5a079d350b519ea563aa2d6d72dde46257dd92f0f89d6cc
SSDEEP

6144:xv0rd0PQ///NR5fLYG3eujPQ///NR5fqZo4tjS6Y:xvy/NcZ7/NC64tm6Y

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d060d3bb845fcddecb92e24b93093db0N.exe
- Size
  
  448KB
- MD5
  
  d060d3bb845fcddecb92e24b93093db0
- SHA1
  
  a93731e706236bfc4ebcad65be68a97fe1422a4e
- SHA256
  
  63acefba6dbe5544b7f0ff8ea6b1d871926a68d1e7c9f9428327e08645ac5f3f
- SHA512
  
  b53c56fe547bbd59b07783d311d688545a165d18f7f4016be842230027277f0a2078b7cbc8a7c539d5a079d350b519ea563aa2d6d72dde46257dd92f0f89d6cc
- SSDEEP
  
  6144:xv0rd0PQ///NR5fLYG3eujPQ///NR5fqZo4tjS6Y:xvy/NcZ7/NC64tm6Y
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence