4bab694e5db14552dd358a0661d67a65acb2d6cdcae197e87c962561556d98c6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71f56a9efd4052498da43e2bc118ce80N.exe
Size

64KB
Sample

240824-v7qzhs1gld
MD5

71f56a9efd4052498da43e2bc118ce80
SHA1

8371097b29fd26f8e2bc6c2f491df6bb537f8b23
SHA256

4bab694e5db14552dd358a0661d67a65acb2d6cdcae197e87c962561556d98c6
SHA512

6a77b40303e3576c638ff5577097a7014ec5cb0d94499f5b2b64fb1cdeca142e904856a8a954d0785c11e40d717996e0ee03600df1cf7e6bdc9ac8f23c9425cb
SSDEEP

768:TRp/xuIYHdip+DqjfiLovPNFC/ZYpgo2kgfSPK9YRogxyHr4dh/1H5DDXdnhgl7j:rZuV9XqjKIPNQVLkgqS9YPxyLYDgNtn

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  71f56a9efd4052498da43e2bc118ce80N.exe
- Size
  
  64KB
- MD5
  
  71f56a9efd4052498da43e2bc118ce80
- SHA1
  
  8371097b29fd26f8e2bc6c2f491df6bb537f8b23
- SHA256
  
  4bab694e5db14552dd358a0661d67a65acb2d6cdcae197e87c962561556d98c6
- SHA512
  
  6a77b40303e3576c638ff5577097a7014ec5cb0d94499f5b2b64fb1cdeca142e904856a8a954d0785c11e40d717996e0ee03600df1cf7e6bdc9ac8f23c9425cb
- SSDEEP
  
  768:TRp/xuIYHdip+DqjfiLovPNFC/ZYpgo2kgfSPK9YRogxyHr4dh/1H5DDXdnhgl7j:rZuV9XqjKIPNQVLkgqS9YPxyLYDgNtn
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence