08c87dd1925a21b69c7aab6655e20e3aa1bb9991d281f577a267f8d696270937 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa1e897936ddef0abad517f5baba4ea0N.exe
Size

110KB
Sample

240822-1gk88sygqe
MD5

aa1e897936ddef0abad517f5baba4ea0
SHA1

070218c1244f3b58db392fc7f61f223346425f48
SHA256

08c87dd1925a21b69c7aab6655e20e3aa1bb9991d281f577a267f8d696270937
SHA512

ed5ee8f8a698f8aa3361d0a4e58f438749ef5e52a16e4f5c5cb1adc0ea49581fcbd6ae6ad30f88aef7a648f268d1c62ab150884ade3d70d1f88c9dbb42ea1e13
SSDEEP

3072:wmTXzJiBalxJ+ZIejZJBBaMMqEZTLJiXSk6IXP:jTWa/47ZJ4qpSk6k

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  aa1e897936ddef0abad517f5baba4ea0N.exe
- Size
  
  110KB
- MD5
  
  aa1e897936ddef0abad517f5baba4ea0
- SHA1
  
  070218c1244f3b58db392fc7f61f223346425f48
- SHA256
  
  08c87dd1925a21b69c7aab6655e20e3aa1bb9991d281f577a267f8d696270937
- SHA512
  
  ed5ee8f8a698f8aa3361d0a4e58f438749ef5e52a16e4f5c5cb1adc0ea49581fcbd6ae6ad30f88aef7a648f268d1c62ab150884ade3d70d1f88c9dbb42ea1e13
- SSDEEP
  
  3072:wmTXzJiBalxJ+ZIejZJBBaMMqEZTLJiXSk6IXP:jTWa/47ZJ4qpSk6k
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence