ee9b9ede8b9ded9d0ec4c72595f2b18e90ea438ba8977991939e760d7c7d7e2b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8801c0a189f18fc398f24620403ed6a0N.exe
Size

192KB
Sample

240822-jwjkhswdpa
MD5

8801c0a189f18fc398f24620403ed6a0
SHA1

73045e5b3efb47c6d9b02e865bbde17ccb0755fb
SHA256

ee9b9ede8b9ded9d0ec4c72595f2b18e90ea438ba8977991939e760d7c7d7e2b
SHA512

096c1ca3afd9dc090e54f6cd030d1c39b2bc9bd9f88120de81d5fd061dfc035e01ad4a61bccbcb01284a26949b602c58d6a4f74afb9edd37f7b33f1739524fa1
SSDEEP

3072:oS3u9n1ulxH2g4Miq9aGDd1AZoUBW3FJeRuaWNXmgu+tAcrbFAJc+RsUi1aVDk5:o8YulPhmEdWZHEFJ7aWN1rtMsP

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8801c0a189f18fc398f24620403ed6a0N.exe
- Size
  
  192KB
- MD5
  
  8801c0a189f18fc398f24620403ed6a0
- SHA1
  
  73045e5b3efb47c6d9b02e865bbde17ccb0755fb
- SHA256
  
  ee9b9ede8b9ded9d0ec4c72595f2b18e90ea438ba8977991939e760d7c7d7e2b
- SHA512
  
  096c1ca3afd9dc090e54f6cd030d1c39b2bc9bd9f88120de81d5fd061dfc035e01ad4a61bccbcb01284a26949b602c58d6a4f74afb9edd37f7b33f1739524fa1
- SSDEEP
  
  3072:oS3u9n1ulxH2g4Miq9aGDd1AZoUBW3FJeRuaWNXmgu+tAcrbFAJc+RsUi1aVDk5:o8YulPhmEdWZHEFJ7aWN1rtMsP
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence