ed16387b6508da30207fc4b86ab38ee70ad904e34786279ffac7d7b2b5cb1200 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a21bb33f6a488f7e5d63972327582380N.exe
Size

640KB
Sample

240822-hz9ensxfnk
MD5

a21bb33f6a488f7e5d63972327582380
SHA1

f5431e710bc04d89a9a316fe2e01ba16912ce2f8
SHA256

ed16387b6508da30207fc4b86ab38ee70ad904e34786279ffac7d7b2b5cb1200
SHA512

329f288481f4ef544e0881a80fedbdf5e4853357d8cc2fc69950bcbe7fa6b984e0a297b7354d98fd3a734474211408231feef7bf3646b94d68791947ccd1c833
SSDEEP

3072:mTuMMzrrZPpie9FOR98TyxGkIs6COoU60EaBNNVBZ:mTuM8r1ci4RAyAkOCOu0EajNVBZ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  a21bb33f6a488f7e5d63972327582380N.exe
- Size
  
  640KB
- MD5
  
  a21bb33f6a488f7e5d63972327582380
- SHA1
  
  f5431e710bc04d89a9a316fe2e01ba16912ce2f8
- SHA256
  
  ed16387b6508da30207fc4b86ab38ee70ad904e34786279ffac7d7b2b5cb1200
- SHA512
  
  329f288481f4ef544e0881a80fedbdf5e4853357d8cc2fc69950bcbe7fa6b984e0a297b7354d98fd3a734474211408231feef7bf3646b94d68791947ccd1c833
- SSDEEP
  
  3072:mTuMMzrrZPpie9FOR98TyxGkIs6COoU60EaBNNVBZ:mTuM8r1ci4RAyAkOCOu0EajNVBZ
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence