5b992c94f5810cb974f56cd008d95764525ca36a8daa35b941f7f4371848f154 | Triage

Sharing

General

Target

c59b2fe3166e3472a4f04a0bc7b03470N.exe
Size

63KB
Sample

240821-crbksayhkr
MD5

c59b2fe3166e3472a4f04a0bc7b03470
SHA1

cd56c28340dd0e383645f47b84a23dece9a20e88
SHA256

5b992c94f5810cb974f56cd008d95764525ca36a8daa35b941f7f4371848f154
SHA512

4c7297abddaed6a082f93847bb289c33d36970dfefd40918bfe5a6409c261966f03224fd59e04d7e489a34cd26d6d29c0fbf67e5de21832dddec51b0aa8f401d
SSDEEP

1536:XQ5speJSxOn9wlQaelnD7KdzVH1juIZo:XAspeJSxOnulQTlD7KdzVH1juIZo

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c59b2fe3166e3472a4f04a0bc7b03470N.exe
- Size
  
  63KB
- MD5
  
  c59b2fe3166e3472a4f04a0bc7b03470
- SHA1
  
  cd56c28340dd0e383645f47b84a23dece9a20e88
- SHA256
  
  5b992c94f5810cb974f56cd008d95764525ca36a8daa35b941f7f4371848f154
- SHA512
  
  4c7297abddaed6a082f93847bb289c33d36970dfefd40918bfe5a6409c261966f03224fd59e04d7e489a34cd26d6d29c0fbf67e5de21832dddec51b0aa8f401d
- SSDEEP
  
  1536:XQ5speJSxOn9wlQaelnD7KdzVH1juIZo:XAspeJSxOnulQTlD7KdzVH1juIZo
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence