d6b03817556635bd8a1509c759d6fd6914eee8e11a712ccbd65d936f1e994a7a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad3ff5c22c790ca34d0dcab1171cc160N.exe
Size

144KB
Sample

240822-kz5slaybke
MD5

ad3ff5c22c790ca34d0dcab1171cc160
SHA1

a67071808e72a2dba18e9f35c8f703b5212bb6f6
SHA256

d6b03817556635bd8a1509c759d6fd6914eee8e11a712ccbd65d936f1e994a7a
SHA512

9714790b6486a2894b60dbe588a0d220fb36790867a4c00206e991580ec42e599fb4c6093d5208660292378d8b0dfbfe9ca95d4293df8512170c65a81b87c4af
SSDEEP

3072:/lpz0b3C0s/NHLUMQH2qC7ZQOlzSLUK6MwGsGnDc9nhVizLrId0:/ADCTNHwMQWfdQOhwJ6MwGsmLrId0

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ad3ff5c22c790ca34d0dcab1171cc160N.exe
- Size
  
  144KB
- MD5
  
  ad3ff5c22c790ca34d0dcab1171cc160
- SHA1
  
  a67071808e72a2dba18e9f35c8f703b5212bb6f6
- SHA256
  
  d6b03817556635bd8a1509c759d6fd6914eee8e11a712ccbd65d936f1e994a7a
- SHA512
  
  9714790b6486a2894b60dbe588a0d220fb36790867a4c00206e991580ec42e599fb4c6093d5208660292378d8b0dfbfe9ca95d4293df8512170c65a81b87c4af
- SSDEEP
  
  3072:/lpz0b3C0s/NHLUMQH2qC7ZQOlzSLUK6MwGsGnDc9nhVizLrId0:/ADCTNHwMQWfdQOhwJ6MwGsmLrId0
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence