a2371350831884bede928b3d35b135be8f7a9e4de341588055df7d6e93d035c2 | Triage

Sharing

General

Target

a2371350831884bede928b3d35b135be8f7a9e4de341588055df7d6e93d035c2
Size

64KB
Sample

240824-anfn8avhpc
MD5

252f8248d2400fde43c99e59e9225f97
SHA1

e2c732c8cc28f3c4b8ffb2a5e979c1fd641d3b09
SHA256

a2371350831884bede928b3d35b135be8f7a9e4de341588055df7d6e93d035c2
SHA512

f1daf897c7fb86ac4fd4ff30881c2d51e3e2bb3aaf7321e5e6b3d544be7da8190cac8b52d58f5e85e5ba6bcd8035c9ac15eb1907135df44a6a8f04407b59694c
SSDEEP

1536:/yzp8uMLK0/iwnTZHhbr4xZOMx12LPsBMu/H1:azps4CZhbiwPaN

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  a2371350831884bede928b3d35b135be8f7a9e4de341588055df7d6e93d035c2
- Size
  
  64KB
- MD5
  
  252f8248d2400fde43c99e59e9225f97
- SHA1
  
  e2c732c8cc28f3c4b8ffb2a5e979c1fd641d3b09
- SHA256
  
  a2371350831884bede928b3d35b135be8f7a9e4de341588055df7d6e93d035c2
- SHA512
  
  f1daf897c7fb86ac4fd4ff30881c2d51e3e2bb3aaf7321e5e6b3d544be7da8190cac8b52d58f5e85e5ba6bcd8035c9ac15eb1907135df44a6a8f04407b59694c
- SSDEEP
  
  1536:/yzp8uMLK0/iwnTZHhbr4xZOMx12LPsBMu/H1:azps4CZhbiwPaN
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence