a5a8e6a1e37f665358d5345233e6fae9031f757bf7a7fc2943f57f917dc3cc5d | Triage

Sharing

General

Target

9062c898171e4574899db989bd3203b0N.exe
Size

362KB
Sample

240822-fbsqxaygkc
MD5

9062c898171e4574899db989bd3203b0
SHA1

48421670d8ff9ac30edaa03d7e69bdf55b64c00b
SHA256

a5a8e6a1e37f665358d5345233e6fae9031f757bf7a7fc2943f57f917dc3cc5d
SHA512

e85ee7ce85595a555b90825d56813e53edae2f95de3b4a671f818518a1d3a40eec83384f315a7b4e436d926876982379f8c8c963b2777545ef6c76409c811da6
SSDEEP

6144:JYrWCfh79+2eHrtGDuMEUrQVad7nG3mbDp2o+SsmiMyhtHEyr5psPc1aj8DOvlvY:JYrWCItmuMtrQ07nGWxWSsmiMyh95r5z

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  9062c898171e4574899db989bd3203b0N.exe
- Size
  
  362KB
- MD5
  
  9062c898171e4574899db989bd3203b0
- SHA1
  
  48421670d8ff9ac30edaa03d7e69bdf55b64c00b
- SHA256
  
  a5a8e6a1e37f665358d5345233e6fae9031f757bf7a7fc2943f57f917dc3cc5d
- SHA512
  
  e85ee7ce85595a555b90825d56813e53edae2f95de3b4a671f818518a1d3a40eec83384f315a7b4e436d926876982379f8c8c963b2777545ef6c76409c811da6
- SSDEEP
  
  6144:JYrWCfh79+2eHrtGDuMEUrQVad7nG3mbDp2o+SsmiMyhtHEyr5psPc1aj8DOvlvY:JYrWCItmuMtrQ07nGWxWSsmiMyh95r5z
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence