43942bfd950214b2de4baefc79ba05c6e98864e06e00de39f00e2c1b62bae009 | Triage

Sharing

General

Target

ec8f22931465e03cb62f240488326ec0N.exe
Size

112KB
Sample

240822-q6txkashqj
MD5

ec8f22931465e03cb62f240488326ec0
SHA1

284f1358cfad6d33fd1d4d458de9a5b53c167b1f
SHA256

43942bfd950214b2de4baefc79ba05c6e98864e06e00de39f00e2c1b62bae009
SHA512

ddfda4afbfcb91ba09ca0ccf0483f55c8cf71f737a126e7ac1019f5d15b1746a077d4d0e2408173f46eb02e6c21e059fd38fc7f86657dfeb71c61cfdcd922148
SSDEEP

3072:0V1QHagEXC7w8CZODUuBXOSPhj4V+lc802eSQ:mQHaMeOQuBXpP948lc856

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ec8f22931465e03cb62f240488326ec0N.exe
- Size
  
  112KB
- MD5
  
  ec8f22931465e03cb62f240488326ec0
- SHA1
  
  284f1358cfad6d33fd1d4d458de9a5b53c167b1f
- SHA256
  
  43942bfd950214b2de4baefc79ba05c6e98864e06e00de39f00e2c1b62bae009
- SHA512
  
  ddfda4afbfcb91ba09ca0ccf0483f55c8cf71f737a126e7ac1019f5d15b1746a077d4d0e2408173f46eb02e6c21e059fd38fc7f86657dfeb71c61cfdcd922148
- SSDEEP
  
  3072:0V1QHagEXC7w8CZODUuBXOSPhj4V+lc802eSQ:mQHaMeOQuBXpP948lc856
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence