16dcaaa802f42fb506814848deda0dc5ffd4f73a8d0b6d723a4cd5a6c43c3c2c | Triage

Sharing

General

Target

d1c72f3936fcda8e72929658349b04a0N.exe
Size

57KB
Sample

240824-zr6r9a1bpq
MD5

d1c72f3936fcda8e72929658349b04a0
SHA1

cc7f5adc88a7b6f5d9326c535066ad526d223180
SHA256

16dcaaa802f42fb506814848deda0dc5ffd4f73a8d0b6d723a4cd5a6c43c3c2c
SHA512

193a1f6e9bcac5d8d0f1a52a28c6968db7fe280f9161a43b467f2b2fe0e9e2dcec572a3e13c7e26a9c52c6d3e52990181aa81c5c09d03b7b97493a451b0205c9
SSDEEP

768:PFdJezsmBE70085TKN/Fy5ujRHSTi7M3odhEmYf/r//tttqrAvqRRZjQJV//1H5e:PbJLu5eN/FyPe+od1YAUvEsV1

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d1c72f3936fcda8e72929658349b04a0N.exe
- Size
  
  57KB
- MD5
  
  d1c72f3936fcda8e72929658349b04a0
- SHA1
  
  cc7f5adc88a7b6f5d9326c535066ad526d223180
- SHA256
  
  16dcaaa802f42fb506814848deda0dc5ffd4f73a8d0b6d723a4cd5a6c43c3c2c
- SHA512
  
  193a1f6e9bcac5d8d0f1a52a28c6968db7fe280f9161a43b467f2b2fe0e9e2dcec572a3e13c7e26a9c52c6d3e52990181aa81c5c09d03b7b97493a451b0205c9
- SSDEEP
  
  768:PFdJezsmBE70085TKN/Fy5ujRHSTi7M3odhEmYf/r//tttqrAvqRRZjQJV//1H5e:PbJLu5eN/FyPe+od1YAUvEsV1
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence