64d3092b16d603a33a0ba78d81ae8c4d5797e0fdf6417a5e4db67299003f41a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c27e55665bad2bfa6e2973695ffea700N.exe
Size

145KB
Sample

240824-nenv5aygnp
MD5

c27e55665bad2bfa6e2973695ffea700
SHA1

be38f43c4a5aa888b7d969ed6778abfaa06381da
SHA256

64d3092b16d603a33a0ba78d81ae8c4d5797e0fdf6417a5e4db67299003f41a4
SHA512

6aa715ced6cb433747ef21494fd0dade8b623871f3968b5f210330db542337f06eca6ae4d3395932ded103f90b010a2562a3953975809380a375cfc2193c2aae
SSDEEP

1536:AFDScrv012gdW4MqP/zPjuL7+6aFT+qEy3J30WPrIPrWFFZy6BEVsNo2Ae5JYFnb:A5S0mrDru+JyqD3pFBEV52Ae5aFnVB

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c27e55665bad2bfa6e2973695ffea700N.exe
- Size
  
  145KB
- MD5
  
  c27e55665bad2bfa6e2973695ffea700
- SHA1
  
  be38f43c4a5aa888b7d969ed6778abfaa06381da
- SHA256
  
  64d3092b16d603a33a0ba78d81ae8c4d5797e0fdf6417a5e4db67299003f41a4
- SHA512
  
  6aa715ced6cb433747ef21494fd0dade8b623871f3968b5f210330db542337f06eca6ae4d3395932ded103f90b010a2562a3953975809380a375cfc2193c2aae
- SSDEEP
  
  1536:AFDScrv012gdW4MqP/zPjuL7+6aFT+qEy3J30WPrIPrWFFZy6BEVsNo2Ae5JYFnb:A5S0mrDru+JyqD3pFBEV52Ae5aFnVB
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence