32b9c6ec6bbd8e5f445d3eb558453737f585cb4826bcdc243de2616f9f814d45 | Triage

Sharing

General

Target

ee3be3cd22a046a8e1d0ee03e7fd8810N.exe
Size

512KB
Sample

240822-w6rp4athjm
MD5

ee3be3cd22a046a8e1d0ee03e7fd8810
SHA1

647908ddb55db682a3422366d1ca9a6071a7b7c3
SHA256

32b9c6ec6bbd8e5f445d3eb558453737f585cb4826bcdc243de2616f9f814d45
SHA512

512a4f4befa66338fc6a4e957bc664aeac39086d8feb96a154661b02ff77eedd6b6dad7ff4ca11b29ccfe89ebca102f989bd9d1f4c803ddd5e96dc49a9279b11
SSDEEP

6144:/V7cc4/YMrdQt383PQ///NR5fKr2n0MO3LPlkUCmVs5bPQ///NR5fjlt01PB93G4:Nnr/Ng1/Nblt01PBExK

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ee3be3cd22a046a8e1d0ee03e7fd8810N.exe
- Size
  
  512KB
- MD5
  
  ee3be3cd22a046a8e1d0ee03e7fd8810
- SHA1
  
  647908ddb55db682a3422366d1ca9a6071a7b7c3
- SHA256
  
  32b9c6ec6bbd8e5f445d3eb558453737f585cb4826bcdc243de2616f9f814d45
- SHA512
  
  512a4f4befa66338fc6a4e957bc664aeac39086d8feb96a154661b02ff77eedd6b6dad7ff4ca11b29ccfe89ebca102f989bd9d1f4c803ddd5e96dc49a9279b11
- SSDEEP
  
  6144:/V7cc4/YMrdQt383PQ///NR5fKr2n0MO3LPlkUCmVs5bPQ///NR5fjlt01PB93G4:Nnr/Ng1/Nblt01PBExK
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence