d5db6f83390b11f077f0547c3efc7e2757bd9d909c5006b36a1b6bb0df7548af | Triage

Sharing

General

Target

afa96f62748ce63a33af51b634661a70N.exe
Size

112KB
Sample

240823-exrv3axdmq
MD5

afa96f62748ce63a33af51b634661a70
SHA1

a46bdf2d5b8e84f68a27fe83907c1fda29f4f78c
SHA256

d5db6f83390b11f077f0547c3efc7e2757bd9d909c5006b36a1b6bb0df7548af
SHA512

2e2eae4fcfbfa0bf893ad3af7d2f78001edb8dc8196cd0c33a26f7115e2b742987b384dd4c47610dceaeff28cb62cef9c3481f4cde3b0cb86fde616783aa8ed3
SSDEEP

3072:r7SDXPgXNexFqOB5sM2vtMH8d+lc802eSQ:yDXVxg+sfvtXElc856

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  afa96f62748ce63a33af51b634661a70N.exe
- Size
  
  112KB
- MD5
  
  afa96f62748ce63a33af51b634661a70
- SHA1
  
  a46bdf2d5b8e84f68a27fe83907c1fda29f4f78c
- SHA256
  
  d5db6f83390b11f077f0547c3efc7e2757bd9d909c5006b36a1b6bb0df7548af
- SHA512
  
  2e2eae4fcfbfa0bf893ad3af7d2f78001edb8dc8196cd0c33a26f7115e2b742987b384dd4c47610dceaeff28cb62cef9c3481f4cde3b0cb86fde616783aa8ed3
- SSDEEP
  
  3072:r7SDXPgXNexFqOB5sM2vtMH8d+lc802eSQ:yDXVxg+sfvtXElc856
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence