40425c727f0b52962763e19f790479f1d3c864b54a7beece0dde3225f19ab644 | Triage

Sharing

General

Target

dde934e2c9400b002707f5666e606630N.exe
Size

168KB
Sample

240822-a4fddszara
MD5

dde934e2c9400b002707f5666e606630
SHA1

9b6fa8cd0592bdfc50a6001cff46689661a20a3a
SHA256

40425c727f0b52962763e19f790479f1d3c864b54a7beece0dde3225f19ab644
SHA512

8f4d7c0bc6ecbe44d5d401c066c1ee21b6377de692fe51fcb5a9063b8ff29c07be1bbf7cc87ed7d52895e232494ae3c6019912fb206339ace6f32e15c81fe12d
SSDEEP

3072:utHNMDlQsnCFVxUUutXKLfD42VqZ2fQkbn1vVAva63HePH/RAPJis2Ht3IjXn326:6t7U0fD42g4fQkjxqvak+PH/RARMHGbH

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  dde934e2c9400b002707f5666e606630N.exe
- Size
  
  168KB
- MD5
  
  dde934e2c9400b002707f5666e606630
- SHA1
  
  9b6fa8cd0592bdfc50a6001cff46689661a20a3a
- SHA256
  
  40425c727f0b52962763e19f790479f1d3c864b54a7beece0dde3225f19ab644
- SHA512
  
  8f4d7c0bc6ecbe44d5d401c066c1ee21b6377de692fe51fcb5a9063b8ff29c07be1bbf7cc87ed7d52895e232494ae3c6019912fb206339ace6f32e15c81fe12d
- SSDEEP
  
  3072:utHNMDlQsnCFVxUUutXKLfD42VqZ2fQkbn1vVAva63HePH/RAPJis2Ht3IjXn326:6t7U0fD42g4fQkjxqvak+PH/RARMHGbH
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence