435eb0092e738e0ddd1c710d4344f8663c1d253928bea54f4371908613061638 | Triage

Sharing

General

Target

435eb0092e738e0ddd1c710d4344f8663c1d253928bea54f4371908613061638
Size

85KB
Sample

240821-shmvfsvfme
MD5

addd1ff92d46f7640ce7fd613b6108af
SHA1

f10a22bfc833a4883a6ff15f715e4b10f15bcc83
SHA256

435eb0092e738e0ddd1c710d4344f8663c1d253928bea54f4371908613061638
SHA512

1b5a19368787c12e72b5e614d4c24393b58dafc5e857123487450dca6728c004c06b7a7a675c6d2b575182f49933ee3dc6957bc6bbc208acfdf7543984820530
SSDEEP

768:agO5xRYi+SfSWHHNvvG5bnl/NqNwsKVDstHxYD0p1aXKynF0vQmYZS0HdJnfWOgn:RshfSWHHNvoLqNwDDGw02eQmh0HjWOgn

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  435eb0092e738e0ddd1c710d4344f8663c1d253928bea54f4371908613061638
- Size
  
  85KB
- MD5
  
  addd1ff92d46f7640ce7fd613b6108af
- SHA1
  
  f10a22bfc833a4883a6ff15f715e4b10f15bcc83
- SHA256
  
  435eb0092e738e0ddd1c710d4344f8663c1d253928bea54f4371908613061638
- SHA512
  
  1b5a19368787c12e72b5e614d4c24393b58dafc5e857123487450dca6728c004c06b7a7a675c6d2b575182f49933ee3dc6957bc6bbc208acfdf7543984820530
- SSDEEP
  
  768:agO5xRYi+SfSWHHNvvG5bnl/NqNwsKVDstHxYD0p1aXKynF0vQmYZS0HdJnfWOgn:RshfSWHHNvoLqNwDDGw02eQmh0HjWOgn
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence