b9d296e5d415a1a22dbc7f97be9c960cbe9fb5a32555c20e24c9633c06e40ae8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

850c7e5871274eed854d30239a2e3770N.exe
Size

1024KB
Sample

240820-p6g3bssfpg
MD5

850c7e5871274eed854d30239a2e3770
SHA1

2fbeea659ec47da2e6df80aa7ae4ddb02a8ae7f2
SHA256

b9d296e5d415a1a22dbc7f97be9c960cbe9fb5a32555c20e24c9633c06e40ae8
SHA512

ecd4513b79da327de559b5c3249e411ff19749a01f8084fa91e4b8b430bb39df616e89044847926fdf4475467bd87e243b7c71155144a8418a65da0d076aa247
SSDEEP

12288:SNJFcNkY660fIaDZkY660f8jTK/XhdAwlt01PBExKN4P6IfKTLR+6CwUkEoH:SNJFagsaDZgQjGkwlks/6HnEO

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  850c7e5871274eed854d30239a2e3770N.exe
- Size
  
  1024KB
- MD5
  
  850c7e5871274eed854d30239a2e3770
- SHA1
  
  2fbeea659ec47da2e6df80aa7ae4ddb02a8ae7f2
- SHA256
  
  b9d296e5d415a1a22dbc7f97be9c960cbe9fb5a32555c20e24c9633c06e40ae8
- SHA512
  
  ecd4513b79da327de559b5c3249e411ff19749a01f8084fa91e4b8b430bb39df616e89044847926fdf4475467bd87e243b7c71155144a8418a65da0d076aa247
- SSDEEP
  
  12288:SNJFcNkY660fIaDZkY660f8jTK/XhdAwlt01PBExKN4P6IfKTLR+6CwUkEoH:SNJFagsaDZgQjGkwlks/6HnEO
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence