9f654293f6e7b0e772f8ab58a27ecdb7d8027e24f2ecebbbb6888868090b0de6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97bf65da94f3297351b9559004198030N.exe
Size

187KB
Sample

240821-1mh13asckg
MD5

97bf65da94f3297351b9559004198030
SHA1

755762044a191d98c01f156c92ec390f4e43e05a
SHA256

9f654293f6e7b0e772f8ab58a27ecdb7d8027e24f2ecebbbb6888868090b0de6
SHA512

4b84b832e111b885662b0630202196730a6fba94b0eefbf24e285fced4f0ed4d333eb8d4f80c235b9675fe5451f5440f1fe5137c65515124e914f269c24630f1
SSDEEP

3072:OhGiod0e9Gzo7tAj7FHIAVrVgtRQ2c+tlB5xpWJLM77OkeCK2+hDueH:OgiQ0e9Gzvj7Fo4rV+tbFOLM77OLLt

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  97bf65da94f3297351b9559004198030N.exe
- Size
  
  187KB
- MD5
  
  97bf65da94f3297351b9559004198030
- SHA1
  
  755762044a191d98c01f156c92ec390f4e43e05a
- SHA256
  
  9f654293f6e7b0e772f8ab58a27ecdb7d8027e24f2ecebbbb6888868090b0de6
- SHA512
  
  4b84b832e111b885662b0630202196730a6fba94b0eefbf24e285fced4f0ed4d333eb8d4f80c235b9675fe5451f5440f1fe5137c65515124e914f269c24630f1
- SSDEEP
  
  3072:OhGiod0e9Gzo7tAj7FHIAVrVgtRQ2c+tlB5xpWJLM77OkeCK2+hDueH:OgiQ0e9Gzvj7Fo4rV+tbFOLM77OLLt
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence