6425a0850fcc86a205fb116b48386977880a427c90d63931f8b2ec1561a219be | Triage

Sharing

General

Target

dc22a10fbedc60f7e42d524c306a6960N.exe
Size

109KB
Sample

240822-gaaz5s1clb
MD5

dc22a10fbedc60f7e42d524c306a6960
SHA1

cbd0eb3814260304333dad3071474176075e9d7d
SHA256

6425a0850fcc86a205fb116b48386977880a427c90d63931f8b2ec1561a219be
SHA512

f30caaf97e046fd3571363c45cd3d9fec8ff6fea0ded0bf9425bdf96e3cf214ace223f89f8d496fdb2f51b98457db68832d0056b0fa9865e6c515ac430f13cba
SSDEEP

3072:/84RIRfMhLplynDE58fo3PXl9Z7S/yCsKh2EzZA/z:kKIRfMhKnDE5go35e/yCthvUz

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  dc22a10fbedc60f7e42d524c306a6960N.exe
- Size
  
  109KB
- MD5
  
  dc22a10fbedc60f7e42d524c306a6960
- SHA1
  
  cbd0eb3814260304333dad3071474176075e9d7d
- SHA256
  
  6425a0850fcc86a205fb116b48386977880a427c90d63931f8b2ec1561a219be
- SHA512
  
  f30caaf97e046fd3571363c45cd3d9fec8ff6fea0ded0bf9425bdf96e3cf214ace223f89f8d496fdb2f51b98457db68832d0056b0fa9865e6c515ac430f13cba
- SSDEEP
  
  3072:/84RIRfMhLplynDE58fo3PXl9Z7S/yCsKh2EzZA/z:kKIRfMhKnDE5go35e/yCthvUz
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence