a745669fa153360e1aca9515857f364c2223515bce5ac35815390a449d673909 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ebd972d6aa6f5171cda485c6d4aadb80N.exe
Size

465KB
Sample

240822-e3m43aycqh
MD5

ebd972d6aa6f5171cda485c6d4aadb80
SHA1

ac15904028c9bfd7a4a18f89b2b3f6dec2cea59b
SHA256

a745669fa153360e1aca9515857f364c2223515bce5ac35815390a449d673909
SHA512

bad4aad141633d0513125700cb6868593ece9d1dad394bda4d0ef36991e63ae8ef895b92094ea9df1998aa78f4abab0160fdd3266eab18a8c117bfaff62c35fb
SSDEEP

6144:vfDAMTpYqOILKpn/a5/VF5V4lKjIbvBhRJfzSf9x7N/I7b9M:jAMTPO8S/WNLKlUmpRe94a

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ebd972d6aa6f5171cda485c6d4aadb80N.exe
- Size
  
  465KB
- MD5
  
  ebd972d6aa6f5171cda485c6d4aadb80
- SHA1
  
  ac15904028c9bfd7a4a18f89b2b3f6dec2cea59b
- SHA256
  
  a745669fa153360e1aca9515857f364c2223515bce5ac35815390a449d673909
- SHA512
  
  bad4aad141633d0513125700cb6868593ece9d1dad394bda4d0ef36991e63ae8ef895b92094ea9df1998aa78f4abab0160fdd3266eab18a8c117bfaff62c35fb
- SSDEEP
  
  6144:vfDAMTpYqOILKpn/a5/VF5V4lKjIbvBhRJfzSf9x7N/I7b9M:jAMTPO8S/WNLKlUmpRe94a
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence