6f81ebc1955cf1f8ab9b80d49280ceb10f0111ed4857f7a31e2bb130207882c5 | Triage

Sharing

General

Target

6f81ebc1955cf1f8ab9b80d49280ceb10f0111ed4857f7a31e2bb130207882c5
Size

93KB
Sample

240823-1s4vqaygkf
MD5

bfc8476437c673562f753540127d1360
SHA1

a18546fcb0d7c006c4b5e4b11c47cf270ab1b280
SHA256

6f81ebc1955cf1f8ab9b80d49280ceb10f0111ed4857f7a31e2bb130207882c5
SHA512

50737b9d59f529dc91d2ab87610b1aa6b87a0838438101032de14564d603cbe17150b1d2c9e22dd9a58dedf5bd7cc5a464b15ab427810b58107e7e65a2bbd8f9
SSDEEP

1536:ydiONfo5lRl2z7b+46z5Zb/C7kr55mL8eUwwyv5fsaMiwihtIbbpkp:MHWTl2i42Db55mL8vwwi5fdMiwaIbbp4

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  6f81ebc1955cf1f8ab9b80d49280ceb10f0111ed4857f7a31e2bb130207882c5
- Size
  
  93KB
- MD5
  
  bfc8476437c673562f753540127d1360
- SHA1
  
  a18546fcb0d7c006c4b5e4b11c47cf270ab1b280
- SHA256
  
  6f81ebc1955cf1f8ab9b80d49280ceb10f0111ed4857f7a31e2bb130207882c5
- SHA512
  
  50737b9d59f529dc91d2ab87610b1aa6b87a0838438101032de14564d603cbe17150b1d2c9e22dd9a58dedf5bd7cc5a464b15ab427810b58107e7e65a2bbd8f9
- SSDEEP
  
  1536:ydiONfo5lRl2z7b+46z5Zb/C7kr55mL8eUwwyv5fsaMiwihtIbbpkp:MHWTl2i42Db55mL8vwwi5fdMiwaIbbp4
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence