9e8c7b141f3cb30a52069e9117add3c70fcf95a5873fafe314f0d7e30b9c9aca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ca6e26c14769d3e58cceeba43fe8a010N.exe
Size

669KB
Sample

240822-tgdqtsware
MD5

ca6e26c14769d3e58cceeba43fe8a010
SHA1

d2997c83c69fbfe1e592a24de3e2751da216c86d
SHA256

9e8c7b141f3cb30a52069e9117add3c70fcf95a5873fafe314f0d7e30b9c9aca
SHA512

9d3d3f56536e6575636c1ecbbe0f789cc66fa73a029ce8a7d85c71fae167547a4ba64e2c2c15b07660baef905f842c65f55dda10d52249f34c5999cedacde9d0
SSDEEP

12288:Y7A3DeVKhMpQnqr+cI3a72LXrY6x46UbR/qYglMi:YGachMpQnqrdX72LbY6x46uR/qYglMi

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ca6e26c14769d3e58cceeba43fe8a010N.exe
- Size
  
  669KB
- MD5
  
  ca6e26c14769d3e58cceeba43fe8a010
- SHA1
  
  d2997c83c69fbfe1e592a24de3e2751da216c86d
- SHA256
  
  9e8c7b141f3cb30a52069e9117add3c70fcf95a5873fafe314f0d7e30b9c9aca
- SHA512
  
  9d3d3f56536e6575636c1ecbbe0f789cc66fa73a029ce8a7d85c71fae167547a4ba64e2c2c15b07660baef905f842c65f55dda10d52249f34c5999cedacde9d0
- SSDEEP
  
  12288:Y7A3DeVKhMpQnqr+cI3a72LXrY6x46UbR/qYglMi:YGachMpQnqrdX72LbY6x46uR/qYglMi
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence