d13fcde8d0f13d5c62dd6c73a06d41dfe667af0373939db3fcc27d6826456285 | Triage

Sharing

General

Target

00a2e246c3104c4a859f1f9e847f8130N.exe
Size

211KB
Sample

240824-wxf71atajg
MD5

00a2e246c3104c4a859f1f9e847f8130
SHA1

e01d9bf4101b390e1bba92b3f616e7741df76c9e
SHA256

d13fcde8d0f13d5c62dd6c73a06d41dfe667af0373939db3fcc27d6826456285
SHA512

d8e96ce59fdf210325e6e6704d96b81dcfd4c8082290bd0c15313c18ccc0aa58145b16b32435a170753b9c4c5888e162f1f352af8fada2ad13c5e3bbe0707cff
SSDEEP

6144:2Y8aMFXP+rEDeYr75lHzpaF2e6UK+42GTQMJSZO5f7M0rx7/N:2aKP+oDeYr75lTefkY660fII

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  00a2e246c3104c4a859f1f9e847f8130N.exe
- Size
  
  211KB
- MD5
  
  00a2e246c3104c4a859f1f9e847f8130
- SHA1
  
  e01d9bf4101b390e1bba92b3f616e7741df76c9e
- SHA256
  
  d13fcde8d0f13d5c62dd6c73a06d41dfe667af0373939db3fcc27d6826456285
- SHA512
  
  d8e96ce59fdf210325e6e6704d96b81dcfd4c8082290bd0c15313c18ccc0aa58145b16b32435a170753b9c4c5888e162f1f352af8fada2ad13c5e3bbe0707cff
- SSDEEP
  
  6144:2Y8aMFXP+rEDeYr75lHzpaF2e6UK+42GTQMJSZO5f7M0rx7/N:2aKP+oDeYr75lTefkY660fII
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence