c904ba1538ee17cdeb337578e4395943a5edcf956aa4400d0b478e2b43391c3b | Triage

Sharing

General

Target

b14409fb388cfe2b597367ead73f6930N.exe
Size

232KB
Sample

240821-gt74zsxalr
MD5

b14409fb388cfe2b597367ead73f6930
SHA1

9f6819766106023f7c625ee7f6f7f1d771575e3e
SHA256

c904ba1538ee17cdeb337578e4395943a5edcf956aa4400d0b478e2b43391c3b
SHA512

0200172966317cd72f323eb42afd04197e33e20362e552df894a50cf88e1ea5e421bc705a91bcc2681a57588c1b0af14b5ee4e0a1ecfcc1155ea206092320a09
SSDEEP

3072:ByCUbtalTyeKvigPO7usluTXp6UF5wzec+tZOnU1/s5HH0AU/yRvS3u121TzlbNR:ZleHv7O6s21L7/s50z/Wa3/PNlPX

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b14409fb388cfe2b597367ead73f6930N.exe
- Size
  
  232KB
- MD5
  
  b14409fb388cfe2b597367ead73f6930
- SHA1
  
  9f6819766106023f7c625ee7f6f7f1d771575e3e
- SHA256
  
  c904ba1538ee17cdeb337578e4395943a5edcf956aa4400d0b478e2b43391c3b
- SHA512
  
  0200172966317cd72f323eb42afd04197e33e20362e552df894a50cf88e1ea5e421bc705a91bcc2681a57588c1b0af14b5ee4e0a1ecfcc1155ea206092320a09
- SSDEEP
  
  3072:ByCUbtalTyeKvigPO7usluTXp6UF5wzec+tZOnU1/s5HH0AU/yRvS3u121TzlbNR:ZleHv7O6s21L7/s50z/Wa3/PNlPX
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence