6b53f5542ab8fb4f8d98a3504f0b3d9d217b949ac3bc82657a46ccd99ce05711 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b79a77e721f7ae95cfcf0e80a7662390N.exe
Size

128KB
Sample

240824-rp4wwawcpm
MD5

b79a77e721f7ae95cfcf0e80a7662390
SHA1

7329ec1b83e4b57fa4e51bf480a06dd05b00d5e2
SHA256

6b53f5542ab8fb4f8d98a3504f0b3d9d217b949ac3bc82657a46ccd99ce05711
SHA512

b360ec9e163d9762ee40ce9f7a2703307c7422e83b892a2a8983cf2581aadd77c89f09aafda719835afa64efa36aa22ccae43f178c6c99bd48ab174855de7843
SSDEEP

3072:oKQQkwHk02VJ9IDlRxyhTbhgu+tAcrbFAJc+i:Fkwb2VsDshsrtMk

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b79a77e721f7ae95cfcf0e80a7662390N.exe
- Size
  
  128KB
- MD5
  
  b79a77e721f7ae95cfcf0e80a7662390
- SHA1
  
  7329ec1b83e4b57fa4e51bf480a06dd05b00d5e2
- SHA256
  
  6b53f5542ab8fb4f8d98a3504f0b3d9d217b949ac3bc82657a46ccd99ce05711
- SHA512
  
  b360ec9e163d9762ee40ce9f7a2703307c7422e83b892a2a8983cf2581aadd77c89f09aafda719835afa64efa36aa22ccae43f178c6c99bd48ab174855de7843
- SSDEEP
  
  3072:oKQQkwHk02VJ9IDlRxyhTbhgu+tAcrbFAJc+i:Fkwb2VsDshsrtMk
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence