30e54a271ccd9cfb48daff15afe5f0b443922e0f693591c68d4cfcca7fc50779 | Triage

Sharing

General

Target

30e54a271ccd9cfb48daff15afe5f0b443922e0f693591c68d4cfcca7fc50779
Size

74KB
Sample

240821-h5htxawcja
MD5

532ea4a4f2b17530b9455ef88a4b331e
SHA1

7eb2dcc1173b0762a445dcc805276bb8c4756645
SHA256

30e54a271ccd9cfb48daff15afe5f0b443922e0f693591c68d4cfcca7fc50779
SHA512

7f0bc0c7f05160c3c47aaa6a5ce07e1986196c8172f9c26f22cacb2a318212cf7ded90b2134a313e1b747c2fefeb879059607bbd4a61e702265dabf7578c119b
SSDEEP

768:agO5xRYi+SfSWHHNvvG5bnl/NqNwsKVDstHxYD0p1aXKynF0vQmYZS0HdJnfWOO:RshfSWHHNvoLqNwDDGw02eQmh0HjWOO

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  30e54a271ccd9cfb48daff15afe5f0b443922e0f693591c68d4cfcca7fc50779
- Size
  
  74KB
- MD5
  
  532ea4a4f2b17530b9455ef88a4b331e
- SHA1
  
  7eb2dcc1173b0762a445dcc805276bb8c4756645
- SHA256
  
  30e54a271ccd9cfb48daff15afe5f0b443922e0f693591c68d4cfcca7fc50779
- SHA512
  
  7f0bc0c7f05160c3c47aaa6a5ce07e1986196c8172f9c26f22cacb2a318212cf7ded90b2134a313e1b747c2fefeb879059607bbd4a61e702265dabf7578c119b
- SSDEEP
  
  768:agO5xRYi+SfSWHHNvvG5bnl/NqNwsKVDstHxYD0p1aXKynF0vQmYZS0HdJnfWOO:RshfSWHHNvoLqNwDDGw02eQmh0HjWOO
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence