9bedc438c4857a0967e820b247f310797e0ea48fc7d7fe3555acf006ad76cf01 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7398355221f80d035506d8af3a46cbf0N.exe
Size

285KB
Sample

240824-kywtasvbkp
MD5

7398355221f80d035506d8af3a46cbf0
SHA1

f6dcc0d8cc47cf26604960969ad02acd15244008
SHA256

9bedc438c4857a0967e820b247f310797e0ea48fc7d7fe3555acf006ad76cf01
SHA512

e5b2ea3614461774a8a62e9cd20d9536e78ca55ca47173e9fa929d480c23af909ba1175131a7f9b6e2a2aa3ee3fb6cfb1ff221c75944c1481eff299c5dafd35b
SSDEEP

3072:H8l/ZU9HVj8agqqlkL3wIvDeBKVcbMloVRr3uMg0kAqSxYiJ2QM4GKch:cl/m9HVgp/BKQIoi7tWa

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  7398355221f80d035506d8af3a46cbf0N.exe
- Size
  
  285KB
- MD5
  
  7398355221f80d035506d8af3a46cbf0
- SHA1
  
  f6dcc0d8cc47cf26604960969ad02acd15244008
- SHA256
  
  9bedc438c4857a0967e820b247f310797e0ea48fc7d7fe3555acf006ad76cf01
- SHA512
  
  e5b2ea3614461774a8a62e9cd20d9536e78ca55ca47173e9fa929d480c23af909ba1175131a7f9b6e2a2aa3ee3fb6cfb1ff221c75944c1481eff299c5dafd35b
- SSDEEP
  
  3072:H8l/ZU9HVj8agqqlkL3wIvDeBKVcbMloVRr3uMg0kAqSxYiJ2QM4GKch:cl/m9HVgp/BKQIoi7tWa
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence