fb6ae22d8ccd72488f4d119d8dee7347554c326cd2af662b2c8d3b2e5ff63ab2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7d112123aa0a9b9425dc395c8a2a860N.exe
Size

896KB
Sample

240821-wryvvsshle
MD5

c7d112123aa0a9b9425dc395c8a2a860
SHA1

7bf2e0234094f421f237467eb6f699730deb642b
SHA256

fb6ae22d8ccd72488f4d119d8dee7347554c326cd2af662b2c8d3b2e5ff63ab2
SHA512

2b24ac7422406a128f3e4dfad5d025e13ea4c07859ef36f9850bdd81a98b3e4c1a5d8845205aeb62fe546046dc03143598e3cab27f3b68be93cc4aa6c54e2991
SSDEEP

6144:vZhgq8UMNp7TVX3J/1awbWGRdA6sQc/YRuEunZHpFw:vkqfAPbWGRdA6sQxuEuZH8

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c7d112123aa0a9b9425dc395c8a2a860N.exe
- Size
  
  896KB
- MD5
  
  c7d112123aa0a9b9425dc395c8a2a860
- SHA1
  
  7bf2e0234094f421f237467eb6f699730deb642b
- SHA256
  
  fb6ae22d8ccd72488f4d119d8dee7347554c326cd2af662b2c8d3b2e5ff63ab2
- SHA512
  
  2b24ac7422406a128f3e4dfad5d025e13ea4c07859ef36f9850bdd81a98b3e4c1a5d8845205aeb62fe546046dc03143598e3cab27f3b68be93cc4aa6c54e2991
- SSDEEP
  
  6144:vZhgq8UMNp7TVX3J/1awbWGRdA6sQc/YRuEunZHpFw:vkqfAPbWGRdA6sQxuEuZH8
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence