289630a1ea91643346899610b0cc9b50b683f25f61aee73cc3eb9e152a8b8102 | Triage

Sharing

General

Target

8eec561f36f37a4d8f736faffb95fbd0N.exe
Size

896KB
Sample

240822-ddekysvepg
MD5

8eec561f36f37a4d8f736faffb95fbd0
SHA1

4c00b8466cbbefcedfc2f426971df47f45bccb62
SHA256

289630a1ea91643346899610b0cc9b50b683f25f61aee73cc3eb9e152a8b8102
SHA512

4e9ff8415dc1d6418c55ec6ad93549a0f6f97cc2d2e4ac77d6b10e5649c5c17287ee2bce9c1d2042d1731ef5131155520e04cb4ff8469c919cd5e638be750147
SSDEEP

6144:C7i5terWdsC5CPXbo92ynnZMqKLDK2Q9zsyVH3imoQiRLsmAKWEnaW377a85n0RM:DnFMusMH0QiRLsR4P377a20R01F50+5

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8eec561f36f37a4d8f736faffb95fbd0N.exe
- Size
  
  896KB
- MD5
  
  8eec561f36f37a4d8f736faffb95fbd0
- SHA1
  
  4c00b8466cbbefcedfc2f426971df47f45bccb62
- SHA256
  
  289630a1ea91643346899610b0cc9b50b683f25f61aee73cc3eb9e152a8b8102
- SHA512
  
  4e9ff8415dc1d6418c55ec6ad93549a0f6f97cc2d2e4ac77d6b10e5649c5c17287ee2bce9c1d2042d1731ef5131155520e04cb4ff8469c919cd5e638be750147
- SSDEEP
  
  6144:C7i5terWdsC5CPXbo92ynnZMqKLDK2Q9zsyVH3imoQiRLsmAKWEnaW377a85n0RM:DnFMusMH0QiRLsR4P377a20R01F50+5
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence