d3fe732b9e9258289f1e9d3a2b107664b6088a72e3bf4b85cbc166ada5a8f4a2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e2a13ddc2137ab584220c85c01d59050N.exe
Size

128KB
Sample

240821-2gexwsthlh
MD5

e2a13ddc2137ab584220c85c01d59050
SHA1

20428fc41152e66cc584466234f07e4d889028bc
SHA256

d3fe732b9e9258289f1e9d3a2b107664b6088a72e3bf4b85cbc166ada5a8f4a2
SHA512

7ee699814f982c2907fa7a5a33776bc6676bccbdbd3e71a3db19edc221d8d5210e8ad511ecad4f6cef0d05953f7cb6c2bd545fc0e4292ebc855b80bed1177c3c
SSDEEP

3072:DuahzRly1UyxSh+6TGoG02/BhHmiImXJ2fYdV46nfPyxWhj8NCM/r:Cgymy419/4BhHmNEcYj9nhV8NCU

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  e2a13ddc2137ab584220c85c01d59050N.exe
- Size
  
  128KB
- MD5
  
  e2a13ddc2137ab584220c85c01d59050
- SHA1
  
  20428fc41152e66cc584466234f07e4d889028bc
- SHA256
  
  d3fe732b9e9258289f1e9d3a2b107664b6088a72e3bf4b85cbc166ada5a8f4a2
- SHA512
  
  7ee699814f982c2907fa7a5a33776bc6676bccbdbd3e71a3db19edc221d8d5210e8ad511ecad4f6cef0d05953f7cb6c2bd545fc0e4292ebc855b80bed1177c3c
- SSDEEP
  
  3072:DuahzRly1UyxSh+6TGoG02/BhHmiImXJ2fYdV46nfPyxWhj8NCM/r:Cgymy419/4BhHmNEcYj9nhV8NCU
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence