e065865503306c7a4ed7b85fc6644e0460f6b648a0d60cc2e87fbd6b72bc91bd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eec4114bf4244370128319a802181460N.exe
Size

320KB
Sample

240822-y3ktgsydmj
MD5

eec4114bf4244370128319a802181460
SHA1

3f427b0c821872ccbd17fe0106be253f28d9c336
SHA256

e065865503306c7a4ed7b85fc6644e0460f6b648a0d60cc2e87fbd6b72bc91bd
SHA512

efba7bcc850c025f9c7cab0d4c564507633fa30ed0e2b6533f11cd5b1b4352c04e10c8667dcf6cf7fdf88349adb0ccc5e05e1e395966ff338424fbc3f861eeaf
SSDEEP

6144:F3cdV93J+mPOwXYrMdlpfDFk/pB7gl0cziyqczZd7LFO3A9xoLBZ9oGnFnj+MpZ7:+dVywIKfDy/phgeczlqczZd7LFB3oFH5

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  eec4114bf4244370128319a802181460N.exe
- Size
  
  320KB
- MD5
  
  eec4114bf4244370128319a802181460
- SHA1
  
  3f427b0c821872ccbd17fe0106be253f28d9c336
- SHA256
  
  e065865503306c7a4ed7b85fc6644e0460f6b648a0d60cc2e87fbd6b72bc91bd
- SHA512
  
  efba7bcc850c025f9c7cab0d4c564507633fa30ed0e2b6533f11cd5b1b4352c04e10c8667dcf6cf7fdf88349adb0ccc5e05e1e395966ff338424fbc3f861eeaf
- SSDEEP
  
  6144:F3cdV93J+mPOwXYrMdlpfDFk/pB7gl0cziyqczZd7LFO3A9xoLBZ9oGnFnj+MpZ7:+dVywIKfDy/phgeczlqczZd7LFB3oFH5
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence