df3653742a2d6924485f434b49b1cbea61f694856d7d38b0b989071f2ce6a7c5 | Triage

Sharing

General

Target

df3653742a2d6924485f434b49b1cbea61f694856d7d38b0b989071f2ce6a7c5
Size

96KB
Sample

240824-frw39swfjp
MD5

02684ee2448ba230dfd80b1e61ff2a00
SHA1

0416bbc3249fe6a7f2af102a6fc43a8749db05f9
SHA256

df3653742a2d6924485f434b49b1cbea61f694856d7d38b0b989071f2ce6a7c5
SHA512

58b8e0301876a8bb804c84d1f63878c85c82f434bde64bed7d7d59c1536bfb6b65c4ebaa39fa6cf1dcd638e37d44881b29d2cd063ebc5f63bd498535d9b4e1b2
SSDEEP

1536:DQUTI0L6mgKMAqJNBVm5uFM8YycjnP8e4GS4cUZcZ6lyTc//BOmOFCMy0QiLiizd:DQUTnM1BY5udYZjB41bZY5OmWCMyELiY

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  df3653742a2d6924485f434b49b1cbea61f694856d7d38b0b989071f2ce6a7c5
- Size
  
  96KB
- MD5
  
  02684ee2448ba230dfd80b1e61ff2a00
- SHA1
  
  0416bbc3249fe6a7f2af102a6fc43a8749db05f9
- SHA256
  
  df3653742a2d6924485f434b49b1cbea61f694856d7d38b0b989071f2ce6a7c5
- SHA512
  
  58b8e0301876a8bb804c84d1f63878c85c82f434bde64bed7d7d59c1536bfb6b65c4ebaa39fa6cf1dcd638e37d44881b29d2cd063ebc5f63bd498535d9b4e1b2
- SSDEEP
  
  1536:DQUTI0L6mgKMAqJNBVm5uFM8YycjnP8e4GS4cUZcZ6lyTc//BOmOFCMy0QiLiizd:DQUTnM1BY5udYZjB41bZY5OmWCMyELiY
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence