2b84ab9cfd3a30ef5024d13efbb862d37a8efc8e90def4806cb9c956bab0264a | Triage

Sharing

General

Target

8eea83d279efdc19c563b8703a123970N.exe
Size

95KB
Sample

240824-1zwspatglm
MD5

8eea83d279efdc19c563b8703a123970
SHA1

040fa21662a9c01428e72ac2ba32dfb8905114bb
SHA256

2b84ab9cfd3a30ef5024d13efbb862d37a8efc8e90def4806cb9c956bab0264a
SHA512

0c88c03bf6f037db6b4d0b42e37fbcb00344b37d3523f0ac90f4a71b293f8fae394a09ff1a834c5c36d2d7ccff85b192ca12c9f64df6effda91d3819e2152635
SSDEEP

1536:zRch516s1nQ3ibHnkP8B0BLMA+BCxlwco19RkqjsXhjfOM6bOLXi8PmCofGV:dcX16s1PznkPS0BgPGlwHkqjwJfDrLXz

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8eea83d279efdc19c563b8703a123970N.exe
- Size
  
  95KB
- MD5
  
  8eea83d279efdc19c563b8703a123970
- SHA1
  
  040fa21662a9c01428e72ac2ba32dfb8905114bb
- SHA256
  
  2b84ab9cfd3a30ef5024d13efbb862d37a8efc8e90def4806cb9c956bab0264a
- SHA512
  
  0c88c03bf6f037db6b4d0b42e37fbcb00344b37d3523f0ac90f4a71b293f8fae394a09ff1a834c5c36d2d7ccff85b192ca12c9f64df6effda91d3819e2152635
- SSDEEP
  
  1536:zRch516s1nQ3ibHnkP8B0BLMA+BCxlwco19RkqjsXhjfOM6bOLXi8PmCofGV:dcX16s1PznkPS0BgPGlwHkqjwJfDrLXz
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence