d00bdebaa74a2453bfe642acae257629663a88d98f7596c1949b8d4d968c91b7 | Triage

Sharing

General

Target

bb9b221efd11e4d07a8d864b42ea7ad0N.exe
Size

64KB
Sample

240824-yv16haydpk
MD5

bb9b221efd11e4d07a8d864b42ea7ad0
SHA1

23f14eb6d7b04dd30d5f245b1e2c046426dd6ef4
SHA256

d00bdebaa74a2453bfe642acae257629663a88d98f7596c1949b8d4d968c91b7
SHA512

c9923ca3a4a9dbbc1ef2387c46a8baa294b71c8b98d6a38ca916f11c23671f6a34a999a2c48cfeda7db1b3db2c6c655b68131c412b7cf0d8410c66268fc12d44
SSDEEP

768:4C4085ufk0Qi838h/UGa8Fbab3lZ0i9Ar1gyK9RLR1dAL2p/1H5sLXdnh0Usb0DV:4j0z80osh48iVCaAriLR1WL2LCrDWBi

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  bb9b221efd11e4d07a8d864b42ea7ad0N.exe
- Size
  
  64KB
- MD5
  
  bb9b221efd11e4d07a8d864b42ea7ad0
- SHA1
  
  23f14eb6d7b04dd30d5f245b1e2c046426dd6ef4
- SHA256
  
  d00bdebaa74a2453bfe642acae257629663a88d98f7596c1949b8d4d968c91b7
- SHA512
  
  c9923ca3a4a9dbbc1ef2387c46a8baa294b71c8b98d6a38ca916f11c23671f6a34a999a2c48cfeda7db1b3db2c6c655b68131c412b7cf0d8410c66268fc12d44
- SSDEEP
  
  768:4C4085ufk0Qi838h/UGa8Fbab3lZ0i9Ar1gyK9RLR1dAL2p/1H5sLXdnh0Usb0DV:4j0z80osh48iVCaAriLR1WL2LCrDWBi
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence