a74e080ebd01531d003ae99c00452e42c204ac61523345231c482de6bec4ca87 | Triage

Sharing

General

Target

b2026c796064ba81fe0e47c86e9774b0N.exe
Size

704KB
Sample

240823-dkgznavark
MD5

b2026c796064ba81fe0e47c86e9774b0
SHA1

89bcbb126e9c0ac835c2823df21a41845a20b084
SHA256

a74e080ebd01531d003ae99c00452e42c204ac61523345231c482de6bec4ca87
SHA512

3b3bbc342673b559b0238a7d5c494a8f05b721ac4971534da110a3b7e77a22925ab12b676ae721a024ead6322c4b1fdea9ba2efa6ef64421b079f9b4e3c2aa9a
SSDEEP

12288:8wSDrQg5W/+zrWAI5KFum/+zrWAIAqWim/+zrWAI5KFHTP7rXFr/+zrWAI5KW:8VDrQg5Wm0BmmvFimm0MTP7hm0b

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b2026c796064ba81fe0e47c86e9774b0N.exe
- Size
  
  704KB
- MD5
  
  b2026c796064ba81fe0e47c86e9774b0
- SHA1
  
  89bcbb126e9c0ac835c2823df21a41845a20b084
- SHA256
  
  a74e080ebd01531d003ae99c00452e42c204ac61523345231c482de6bec4ca87
- SHA512
  
  3b3bbc342673b559b0238a7d5c494a8f05b721ac4971534da110a3b7e77a22925ab12b676ae721a024ead6322c4b1fdea9ba2efa6ef64421b079f9b4e3c2aa9a
- SSDEEP
  
  12288:8wSDrQg5W/+zrWAI5KFum/+zrWAIAqWim/+zrWAI5KFHTP7rXFr/+zrWAI5KW:8VDrQg5Wm0BmmvFimm0MTP7hm0b
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence