3e7151cdaa9cdb8805838c5e51442524ef4f99a5ac53fc382d35a5d2fa1c5c14 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71d8bb633d0544a590be730c373c9a50N.exe
Size

320KB
Sample

240820-pd59fsvejn
MD5

71d8bb633d0544a590be730c373c9a50
SHA1

ea070c85b65b987f18a4ca1a2392064d850096e5
SHA256

3e7151cdaa9cdb8805838c5e51442524ef4f99a5ac53fc382d35a5d2fa1c5c14
SHA512

2c60c9185f408c0ea05d7fdc0c369e7a12551c9458e624e847a1a2c56774ba7b18cd78e0681410b82f199606ed41852bcee56c6cf23185e98d78c86d5151438d
SSDEEP

6144:EBpGSW/w6/eKxSlKKZ74ueKxff0qjwszeX9z6/ojwx:8NRlr54ujjgj8

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  71d8bb633d0544a590be730c373c9a50N.exe
- Size
  
  320KB
- MD5
  
  71d8bb633d0544a590be730c373c9a50
- SHA1
  
  ea070c85b65b987f18a4ca1a2392064d850096e5
- SHA256
  
  3e7151cdaa9cdb8805838c5e51442524ef4f99a5ac53fc382d35a5d2fa1c5c14
- SHA512
  
  2c60c9185f408c0ea05d7fdc0c369e7a12551c9458e624e847a1a2c56774ba7b18cd78e0681410b82f199606ed41852bcee56c6cf23185e98d78c86d5151438d
- SSDEEP
  
  6144:EBpGSW/w6/eKxSlKKZ74ueKxff0qjwszeX9z6/ojwx:8NRlr54ujjgj8
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence