ebfaddc7b830eb41fe7f92f23fe45f2ce67eb45bf59e8b7f78294eac493bd4c7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72a9681de5365a787255b741934c8a70N.exe
Size

303KB
Sample

240820-xh9rfa1hqm
MD5

72a9681de5365a787255b741934c8a70
SHA1

30ea1700c1721a3d027537ee7a237f62aebc264c
SHA256

ebfaddc7b830eb41fe7f92f23fe45f2ce67eb45bf59e8b7f78294eac493bd4c7
SHA512

bf17b088a66ae7794f22cb35cad9c289c379378e5735ecc4ac822cbfa96043ebdf207f9cc5f70d460da1111573f599629bef95627dc04980fdf2b97a1d4420a6
SSDEEP

6144:9eOI5CPXbo92ynnZlVrtv35CPXbo92ynn8sbeWDSpaH8m34:oFHRFbeE8mo

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  72a9681de5365a787255b741934c8a70N.exe
- Size
  
  303KB
- MD5
  
  72a9681de5365a787255b741934c8a70
- SHA1
  
  30ea1700c1721a3d027537ee7a237f62aebc264c
- SHA256
  
  ebfaddc7b830eb41fe7f92f23fe45f2ce67eb45bf59e8b7f78294eac493bd4c7
- SHA512
  
  bf17b088a66ae7794f22cb35cad9c289c379378e5735ecc4ac822cbfa96043ebdf207f9cc5f70d460da1111573f599629bef95627dc04980fdf2b97a1d4420a6
- SSDEEP
  
  6144:9eOI5CPXbo92ynnZlVrtv35CPXbo92ynn8sbeWDSpaH8m34:oFHRFbeE8mo
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence