ceea97f14ca2206bf47c1daf0e73882d81c90d0c46e5922a9037f700a5cf0157 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c4dd6aae6de4e821f477f4cae91a9e00N.exe
Size

64KB
Sample

240823-d6plmawaqk
MD5

c4dd6aae6de4e821f477f4cae91a9e00
SHA1

aace515a18993b0c9a2d079d31d57c35e138bcee
SHA256

ceea97f14ca2206bf47c1daf0e73882d81c90d0c46e5922a9037f700a5cf0157
SHA512

c88516979091c92d771899e0e71abd6fc44202e23d940782da0158f95c71e707314985a8d583f0f9a15b06d17eb7eaca33556e0581c406fc7a0d08749ad9a2ea
SSDEEP

1536:6avOwYnRddXJY/1nBbz84bNRqGJFhAKvwIXeO6XKhbMbt2:6a1+RdrY/1n5z84bfNFTYIuO6Xjt2

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c4dd6aae6de4e821f477f4cae91a9e00N.exe
- Size
  
  64KB
- MD5
  
  c4dd6aae6de4e821f477f4cae91a9e00
- SHA1
  
  aace515a18993b0c9a2d079d31d57c35e138bcee
- SHA256
  
  ceea97f14ca2206bf47c1daf0e73882d81c90d0c46e5922a9037f700a5cf0157
- SHA512
  
  c88516979091c92d771899e0e71abd6fc44202e23d940782da0158f95c71e707314985a8d583f0f9a15b06d17eb7eaca33556e0581c406fc7a0d08749ad9a2ea
- SSDEEP
  
  1536:6avOwYnRddXJY/1nBbz84bNRqGJFhAKvwIXeO6XKhbMbt2:6a1+RdrY/1n5z84bfNFTYIuO6Xjt2
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence