53e7c4e9b1f9f292a3dddfc78906214dd94a35e28b919d8df1463aaf50be8b98 | Triage

Sharing

General

Target

b7f561d99f5f94cac68433c3d0797380N.exe
Size

136KB
Sample

240825-bt3ava1ckh
MD5

b7f561d99f5f94cac68433c3d0797380
SHA1

d47fe0c0d71dc91d62e4c96804ac4783ab08972f
SHA256

53e7c4e9b1f9f292a3dddfc78906214dd94a35e28b919d8df1463aaf50be8b98
SHA512

bc356ab542035da2ebb966f73e1f55f3955d51264dac91cebf75907fed2009f93c183ac53f2a9fb3aa2c5d99837b547207a4c600d799be0bf9f6cf17ae785971
SSDEEP

3072:Wat3VZofLDLR41ayPXuhuXGQmVDeCyqOGbo92ynn:Wat3SDL211PXuapoaCPXbo92ynn

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b7f561d99f5f94cac68433c3d0797380N.exe
- Size
  
  136KB
- MD5
  
  b7f561d99f5f94cac68433c3d0797380
- SHA1
  
  d47fe0c0d71dc91d62e4c96804ac4783ab08972f
- SHA256
  
  53e7c4e9b1f9f292a3dddfc78906214dd94a35e28b919d8df1463aaf50be8b98
- SHA512
  
  bc356ab542035da2ebb966f73e1f55f3955d51264dac91cebf75907fed2009f93c183ac53f2a9fb3aa2c5d99837b547207a4c600d799be0bf9f6cf17ae785971
- SSDEEP
  
  3072:Wat3VZofLDLR41ayPXuhuXGQmVDeCyqOGbo92ynn:Wat3SDL211PXuapoaCPXbo92ynn
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence