a50e4cb4bc45a11249c0de61338510fd2136ccf0ab1ab5ecfc7d13e13bab8cdf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a50e4cb4bc45a11249c0de61338510fd2136ccf0ab1ab5ecfc7d13e13bab8cdf
Size

400KB
Sample

240824-av6tzswcpc
MD5

88db568c81bfc075130d9772986bfe24
SHA1

84893d075df323ea789dbe833adb0c506410b3a6
SHA256

a50e4cb4bc45a11249c0de61338510fd2136ccf0ab1ab5ecfc7d13e13bab8cdf
SHA512

e269016c405288cdf57c93a893ce14162f584c1661da7f858d54bf05ac0474c8ccdd5dee9fa34810cb084ec9fc56f699256f321181a210b597abe27d35b8b61b
SSDEEP

12288:3ynTXa3/+zrWAI5KFum/+zrWAIAqWim/k:inm3m0BmmvFimc

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  a50e4cb4bc45a11249c0de61338510fd2136ccf0ab1ab5ecfc7d13e13bab8cdf
- Size
  
  400KB
- MD5
  
  88db568c81bfc075130d9772986bfe24
- SHA1
  
  84893d075df323ea789dbe833adb0c506410b3a6
- SHA256
  
  a50e4cb4bc45a11249c0de61338510fd2136ccf0ab1ab5ecfc7d13e13bab8cdf
- SHA512
  
  e269016c405288cdf57c93a893ce14162f584c1661da7f858d54bf05ac0474c8ccdd5dee9fa34810cb084ec9fc56f699256f321181a210b597abe27d35b8b61b
- SSDEEP
  
  12288:3ynTXa3/+zrWAI5KFum/+zrWAIAqWim/k:inm3m0BmmvFimc
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence