2e9e289efa2ba68aa7130de8415cdfa7adfd9ca693177f176b5aff02ca33d828 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d7238ecfd29069b31a61bebcdcbc5c60N.exe
Size

80KB
Sample

240820-ntv8razbmd
MD5

d7238ecfd29069b31a61bebcdcbc5c60
SHA1

5fca2904e34c39022dc2dc4d831b994cb0cf00f5
SHA256

2e9e289efa2ba68aa7130de8415cdfa7adfd9ca693177f176b5aff02ca33d828
SHA512

fa716744e702d992b11642b9c872d9c98d2429a8fd95656bd98ba8e664b920f2bafa622f6a72781e5c77e115b780933deb56616f57cba3498ae868ccc1ed3aa8
SSDEEP

1536:A29tyNUDkpMAIX4jx2H/7p2LT7S5DUHRbPa9b6i+sIk:htVDkpZtx2HOvS5DSCopsIk

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d7238ecfd29069b31a61bebcdcbc5c60N.exe
- Size
  
  80KB
- MD5
  
  d7238ecfd29069b31a61bebcdcbc5c60
- SHA1
  
  5fca2904e34c39022dc2dc4d831b994cb0cf00f5
- SHA256
  
  2e9e289efa2ba68aa7130de8415cdfa7adfd9ca693177f176b5aff02ca33d828
- SHA512
  
  fa716744e702d992b11642b9c872d9c98d2429a8fd95656bd98ba8e664b920f2bafa622f6a72781e5c77e115b780933deb56616f57cba3498ae868ccc1ed3aa8
- SSDEEP
  
  1536:A29tyNUDkpMAIX4jx2H/7p2LT7S5DUHRbPa9b6i+sIk:htVDkpZtx2HOvS5DSCopsIk
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence