f273cfdb27c50269f6c9d2d770d22b2b7d1398a76b280327f9228723016b6ccd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de1b8c2070952923bb166e5c5cec8eb0N.exe
Size

128KB
Sample

240822-xjhpcasdka
MD5

de1b8c2070952923bb166e5c5cec8eb0
SHA1

89421e380775bf6d55a034545664cef7d410862d
SHA256

f273cfdb27c50269f6c9d2d770d22b2b7d1398a76b280327f9228723016b6ccd
SHA512

041bf708a03ed50732a97424605beb12b242e729508ed1b890c5f7fb84bb155a69cb9b91987a43c7ecbde038d6617b7bb9defe6d76202dc6626a7df1b901cfad
SSDEEP

3072:6kH1DSB3i0OTKEAk8QYxQdLrCimBaH8UH30ZIvM6qMH5X3O/:6kHR63+KEAFtCApaH8m3QIvMWH5H

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  de1b8c2070952923bb166e5c5cec8eb0N.exe
- Size
  
  128KB
- MD5
  
  de1b8c2070952923bb166e5c5cec8eb0
- SHA1
  
  89421e380775bf6d55a034545664cef7d410862d
- SHA256
  
  f273cfdb27c50269f6c9d2d770d22b2b7d1398a76b280327f9228723016b6ccd
- SHA512
  
  041bf708a03ed50732a97424605beb12b242e729508ed1b890c5f7fb84bb155a69cb9b91987a43c7ecbde038d6617b7bb9defe6d76202dc6626a7df1b901cfad
- SSDEEP
  
  3072:6kH1DSB3i0OTKEAk8QYxQdLrCimBaH8UH30ZIvM6qMH5X3O/:6kHR63+KEAFtCApaH8m3QIvMWH5H
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence