c5008e682d687d19c3437e313a20d8ca634bef2dfd58d405cd198d7806a1226a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c5008e682d687d19c3437e313a20d8ca634bef2dfd58d405cd198d7806a1226a
Size

512KB
Sample

240824-c2m2kasgpl
MD5

6a57ed13db44abba12b3fd2a19b5f8b3
SHA1

a29f4e970ea6e46e9a3a0e8504c3cbf1cb42cd37
SHA256

c5008e682d687d19c3437e313a20d8ca634bef2dfd58d405cd198d7806a1226a
SHA512

06f4e6a7fd289b836cb01e40bd4cbf69d2cadf7b1077796117f71fb19e827d8755b3bd09bef50eae27ba2f57dccadf93d09be2b5f9ac25ea48e25db30f6241fd
SSDEEP

12288:Z5xGyXu1jGG1ws5iETdqvZNemWrsiLk6mqgSg9:Z/GyXsGG1ws5ipr

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c5008e682d687d19c3437e313a20d8ca634bef2dfd58d405cd198d7806a1226a
- Size
  
  512KB
- MD5
  
  6a57ed13db44abba12b3fd2a19b5f8b3
- SHA1
  
  a29f4e970ea6e46e9a3a0e8504c3cbf1cb42cd37
- SHA256
  
  c5008e682d687d19c3437e313a20d8ca634bef2dfd58d405cd198d7806a1226a
- SHA512
  
  06f4e6a7fd289b836cb01e40bd4cbf69d2cadf7b1077796117f71fb19e827d8755b3bd09bef50eae27ba2f57dccadf93d09be2b5f9ac25ea48e25db30f6241fd
- SSDEEP
  
  12288:Z5xGyXu1jGG1ws5iETdqvZNemWrsiLk6mqgSg9:Z/GyXsGG1ws5ipr
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence