a46f254631d0aaea414468a1043aa5523ec35f71cdc27d6c730eb1c51e589de5 | Triage

Sharing

General

Target

a46f254631d0aaea414468a1043aa5523ec35f71cdc27d6c730eb1c51e589de5
Size

400KB
Sample

240824-atskzawcjb
MD5

9973ad9538f57a5f38a008dbf033b30e
SHA1

e49ee0d9f059b8bb4db3ec8feacc0e56d84911fb
SHA256

a46f254631d0aaea414468a1043aa5523ec35f71cdc27d6c730eb1c51e589de5
SHA512

454218ddf0a0aaa22f3e1f20364c358334726bd582a9725463317dd572746a9071386efeb28e4d7272e05ddd170b261937c82d2adb65f154efd571abb1e7645a
SSDEEP

12288:YOI8hH93/+zrWAI5KFum/+zrWAIAqWim/k:hT3m0BmmvFimc

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  a46f254631d0aaea414468a1043aa5523ec35f71cdc27d6c730eb1c51e589de5
- Size
  
  400KB
- MD5
  
  9973ad9538f57a5f38a008dbf033b30e
- SHA1
  
  e49ee0d9f059b8bb4db3ec8feacc0e56d84911fb
- SHA256
  
  a46f254631d0aaea414468a1043aa5523ec35f71cdc27d6c730eb1c51e589de5
- SHA512
  
  454218ddf0a0aaa22f3e1f20364c358334726bd582a9725463317dd572746a9071386efeb28e4d7272e05ddd170b261937c82d2adb65f154efd571abb1e7645a
- SSDEEP
  
  12288:YOI8hH93/+zrWAI5KFum/+zrWAIAqWim/k:hT3m0BmmvFimc
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence