80dfc5c131dbd424bd6ce6fc8f65c398575aa46b6ed93a37f3e5a645788f7a1a | Triage

Sharing

General

Target

80dfc5c131dbd424bd6ce6fc8f65c398575aa46b6ed93a37f3e5a645788f7a1a
Size

390KB
Sample

240823-2f772s1bqf
MD5

13d0869d79e859a55f052c0def99f62b
SHA1

9576a5476fa3418900dd8773390c2c116ae25db0
SHA256

80dfc5c131dbd424bd6ce6fc8f65c398575aa46b6ed93a37f3e5a645788f7a1a
SHA512

debd60a40bda17ef409657cec12f8c65d09b7c91e77412df0b58b2a03b1153d08e485714236a9b9f902bdedecbfe51240ad8094dd5ce2ac7aabb24c3bb4fa18e
SSDEEP

6144:TdPL4Qa1H66b+X0RjtdgOPAUvgkNRgdgOPAUvgkG:TdPL4hcUngEiM2gEif

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  80dfc5c131dbd424bd6ce6fc8f65c398575aa46b6ed93a37f3e5a645788f7a1a
- Size
  
  390KB
- MD5
  
  13d0869d79e859a55f052c0def99f62b
- SHA1
  
  9576a5476fa3418900dd8773390c2c116ae25db0
- SHA256
  
  80dfc5c131dbd424bd6ce6fc8f65c398575aa46b6ed93a37f3e5a645788f7a1a
- SHA512
  
  debd60a40bda17ef409657cec12f8c65d09b7c91e77412df0b58b2a03b1153d08e485714236a9b9f902bdedecbfe51240ad8094dd5ce2ac7aabb24c3bb4fa18e
- SSDEEP
  
  6144:TdPL4Qa1H66b+X0RjtdgOPAUvgkNRgdgOPAUvgkG:TdPL4hcUngEiM2gEif
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence