2a119503509ee679e0ed849e3602c66f7f1665a86b3bf43653f34652597536f8 | Triage

Sharing

General

Target

2a119503509ee679e0ed849e3602c66f7f1665a86b3bf43653f34652597536f8
Size

182KB
Sample

240824-zg3ylszfjl
MD5

a448f7a8f185358ae7e27c3968e6c5df
SHA1

d8cc8d2c4e7bb2eaf1adb4468739059185c7dffd
SHA256

2a119503509ee679e0ed849e3602c66f7f1665a86b3bf43653f34652597536f8
SHA512

f34db4c066e88eec44a15549db452d5a2f335c2a53afdf77d206f44a83bd6730573bce9b59fa5acbee67dfdf996d4271960df1f08bebbd8e0ae0301b8224bb9e
SSDEEP

3072:1IO8/leWAf7ybUaCkEux0XBQZudlrhjv/DxT3s9l1nCkEux0XBQZu:19WAf7ha1Tx0mZud/nK9l1n1Tx0mZu

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  2a119503509ee679e0ed849e3602c66f7f1665a86b3bf43653f34652597536f8
- Size
  
  182KB
- MD5
  
  a448f7a8f185358ae7e27c3968e6c5df
- SHA1
  
  d8cc8d2c4e7bb2eaf1adb4468739059185c7dffd
- SHA256
  
  2a119503509ee679e0ed849e3602c66f7f1665a86b3bf43653f34652597536f8
- SHA512
  
  f34db4c066e88eec44a15549db452d5a2f335c2a53afdf77d206f44a83bd6730573bce9b59fa5acbee67dfdf996d4271960df1f08bebbd8e0ae0301b8224bb9e
- SSDEEP
  
  3072:1IO8/leWAf7ybUaCkEux0XBQZudlrhjv/DxT3s9l1nCkEux0XBQZu:19WAf7ha1Tx0mZud/nK9l1n1Tx0mZu
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence