83f97de06c644017817642b4037941204be6e5c92916958a8a468357692b6000 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f4fe2c7c47514b5552cf347e99335ad0N.exe
Size

112KB
Sample

240822-mh78havcql
MD5

f4fe2c7c47514b5552cf347e99335ad0
SHA1

8685251bc0cf1d37999c08acd003d75daf338cd5
SHA256

83f97de06c644017817642b4037941204be6e5c92916958a8a468357692b6000
SHA512

918e0e444be1da50fce7f69e39c4be40ae64ed218fa03b69478e157d0a38d60d897ecc87301fa525014c0177fd13b129ceb30b3b147b1bc22d711240bcb376a6
SSDEEP

3072:Pes/gyD/YkD3Zr27JjcXkrrpauNedet+lc802eSQ:ms/gyrY8JrsJA0rrpTNedeUlc856

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  f4fe2c7c47514b5552cf347e99335ad0N.exe
- Size
  
  112KB
- MD5
  
  f4fe2c7c47514b5552cf347e99335ad0
- SHA1
  
  8685251bc0cf1d37999c08acd003d75daf338cd5
- SHA256
  
  83f97de06c644017817642b4037941204be6e5c92916958a8a468357692b6000
- SHA512
  
  918e0e444be1da50fce7f69e39c4be40ae64ed218fa03b69478e157d0a38d60d897ecc87301fa525014c0177fd13b129ceb30b3b147b1bc22d711240bcb376a6
- SSDEEP
  
  3072:Pes/gyD/YkD3Zr27JjcXkrrpauNedet+lc802eSQ:ms/gyrY8JrsJA0rrpTNedeUlc856
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence