f66b4064c789b0089439a91830957876c3b36beea5d37f7db1217c739fbe2050 | Triage

Sharing

General

Target

e134b3d072ead237cc843189af364900N.exe
Size

128KB
Sample

240822-wdf3wszckc
MD5

e134b3d072ead237cc843189af364900
SHA1

f1ee57f899cde238ed53b77a7c9e6f7914b3b3c7
SHA256

f66b4064c789b0089439a91830957876c3b36beea5d37f7db1217c739fbe2050
SHA512

c9243edc6b714d29144658ade6b1d4ec95cb8c8a1936e09017f8110f05da2960b459d01c4a7e5e9b172e429524e37e587be3d7ef652b40155e7e4a2b85381289
SSDEEP

3072:g6cpmvWmdLHZFCREXdXNKT1ntPG9poDrFDHZtOgl:gzOW+jZwCN9Otopg5tTl

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  e134b3d072ead237cc843189af364900N.exe
- Size
  
  128KB
- MD5
  
  e134b3d072ead237cc843189af364900
- SHA1
  
  f1ee57f899cde238ed53b77a7c9e6f7914b3b3c7
- SHA256
  
  f66b4064c789b0089439a91830957876c3b36beea5d37f7db1217c739fbe2050
- SHA512
  
  c9243edc6b714d29144658ade6b1d4ec95cb8c8a1936e09017f8110f05da2960b459d01c4a7e5e9b172e429524e37e587be3d7ef652b40155e7e4a2b85381289
- SSDEEP
  
  3072:g6cpmvWmdLHZFCREXdXNKT1ntPG9poDrFDHZtOgl:gzOW+jZwCN9Otopg5tTl
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence