e1aa1f1fb30173999797d102393cac57f4e558cb9721227fba6ff6304a9c6b91 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

492a3d51ddeed8ca47cfe8d5a43e8430N.exe
Size

96KB
Sample

240822-jpjxpswbnd
MD5

492a3d51ddeed8ca47cfe8d5a43e8430
SHA1

c4f73d935ec145816ef2d2e14dfe8d34b7c384c2
SHA256

e1aa1f1fb30173999797d102393cac57f4e558cb9721227fba6ff6304a9c6b91
SHA512

6db8108992ece2e705fb951704c192d43ddacc9017248b6b11e7d87a0eb97c7d4c508424adaf2537b2c5c8e0118e068fba7c246e7ffcf1edf308b0744cfb4862
SSDEEP

1536:CGRsX6X0uunQy0H+3Zwr7rr1111+CAPgnDNBrcN4i6tBYuR3PlNPMAZ:CzqX0Uy00Z6+CAPgxed6BYudlNPMAZ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  492a3d51ddeed8ca47cfe8d5a43e8430N.exe
- Size
  
  96KB
- MD5
  
  492a3d51ddeed8ca47cfe8d5a43e8430
- SHA1
  
  c4f73d935ec145816ef2d2e14dfe8d34b7c384c2
- SHA256
  
  e1aa1f1fb30173999797d102393cac57f4e558cb9721227fba6ff6304a9c6b91
- SHA512
  
  6db8108992ece2e705fb951704c192d43ddacc9017248b6b11e7d87a0eb97c7d4c508424adaf2537b2c5c8e0118e068fba7c246e7ffcf1edf308b0744cfb4862
- SSDEEP
  
  1536:CGRsX6X0uunQy0H+3Zwr7rr1111+CAPgnDNBrcN4i6tBYuR3PlNPMAZ:CzqX0Uy00Z6+CAPgxed6BYudlNPMAZ
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence