b0625bea7a2bb4023bf7668db5ff4c386f098e627e3eeff5fdb2f641983a3417 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0625bea7a2bb4023bf7668db5ff4c386f098e627e3eeff5fdb2f641983a3417
Size

80KB
Sample

240824-bj98pszarl
MD5

2e6ca00e19f9e0d7c9e195a252935458
SHA1

0f6cbd16ba1cd7d07b7fb20e9648f06c210e7086
SHA256

b0625bea7a2bb4023bf7668db5ff4c386f098e627e3eeff5fdb2f641983a3417
SHA512

cb0d2b81b015a16f26d6e359daa418a533a4622897c259dba2d04581f4b5cb30d7b91c91d09911068518b765efda6bf11bbf27e07532eb712280e0f5983cb36b
SSDEEP

1536:te8WAflZezuE1lPL5PPWoU+kBxfrG7EPaT2LBJ9VqDlzVxyh+CbxMa:t3Wkl4zXnqBxfaAPHBJ9IDlRxyhTb7

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b0625bea7a2bb4023bf7668db5ff4c386f098e627e3eeff5fdb2f641983a3417
- Size
  
  80KB
- MD5
  
  2e6ca00e19f9e0d7c9e195a252935458
- SHA1
  
  0f6cbd16ba1cd7d07b7fb20e9648f06c210e7086
- SHA256
  
  b0625bea7a2bb4023bf7668db5ff4c386f098e627e3eeff5fdb2f641983a3417
- SHA512
  
  cb0d2b81b015a16f26d6e359daa418a533a4622897c259dba2d04581f4b5cb30d7b91c91d09911068518b765efda6bf11bbf27e07532eb712280e0f5983cb36b
- SSDEEP
  
  1536:te8WAflZezuE1lPL5PPWoU+kBxfrG7EPaT2LBJ9VqDlzVxyh+CbxMa:t3Wkl4zXnqBxfaAPHBJ9IDlRxyhTb7
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence