2ba775cb50ed1a9b0fac6b3cf296c71b1168b9ca119954f1e70dd591d6a63ad5 | Triage

Sharing

General

Target

c98021748b6059a8e68bb6e9e6dd3c20N.exe
Size

100KB
Sample

240822-n3ra6avhpc
MD5

c98021748b6059a8e68bb6e9e6dd3c20
SHA1

fb72830e2a91cca4b77fef72e9bb8277adc270b4
SHA256

2ba775cb50ed1a9b0fac6b3cf296c71b1168b9ca119954f1e70dd591d6a63ad5
SHA512

be7a9f424857a3bbf6cd43eed4df82fd73f733a369f071f9e3ca221e19c328652ad593fbeb5c412ef100c401b1ddb261258a6e3622e0586f19fa4a0f15e2e467
SSDEEP

3072:Cz1RJXotaW/ytWyv1IRudgb3a3+X13XRz:jtKtWyvK0K7aOl3Bz

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c98021748b6059a8e68bb6e9e6dd3c20N.exe
- Size
  
  100KB
- MD5
  
  c98021748b6059a8e68bb6e9e6dd3c20
- SHA1
  
  fb72830e2a91cca4b77fef72e9bb8277adc270b4
- SHA256
  
  2ba775cb50ed1a9b0fac6b3cf296c71b1168b9ca119954f1e70dd591d6a63ad5
- SHA512
  
  be7a9f424857a3bbf6cd43eed4df82fd73f733a369f071f9e3ca221e19c328652ad593fbeb5c412ef100c401b1ddb261258a6e3622e0586f19fa4a0f15e2e467
- SSDEEP
  
  3072:Cz1RJXotaW/ytWyv1IRudgb3a3+X13XRz:jtKtWyvK0K7aOl3Bz
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence