d1010a2fd96d0187326f1a05c33566580c1ff96a49c611d56d94e5aab49033cf | Triage

Sharing

General

Target

d1010a2fd96d0187326f1a05c33566580c1ff96a49c611d56d94e5aab49033cf
Size

96KB
Sample

240825-ggxsgsxgpb
MD5

759ec22db31b5de76c45fdf72902ce9c
SHA1

dc98f77d8b565974ebbd515f5006f620eeb40d1d
SHA256

d1010a2fd96d0187326f1a05c33566580c1ff96a49c611d56d94e5aab49033cf
SHA512

bd0960ddabb6cae57006724b310f7a06e59e3cd6bd9cba9245e33595f93a5816f6b5013dafcd7f92d8e031c1881226d3def49be2a18fce70e10d0c53c7071afe
SSDEEP

3072:sQMTh30k6MWvcDAtooQ47vBCllqm5xd69jc0v:glQm5xd6NV

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d1010a2fd96d0187326f1a05c33566580c1ff96a49c611d56d94e5aab49033cf
- Size
  
  96KB
- MD5
  
  759ec22db31b5de76c45fdf72902ce9c
- SHA1
  
  dc98f77d8b565974ebbd515f5006f620eeb40d1d
- SHA256
  
  d1010a2fd96d0187326f1a05c33566580c1ff96a49c611d56d94e5aab49033cf
- SHA512
  
  bd0960ddabb6cae57006724b310f7a06e59e3cd6bd9cba9245e33595f93a5816f6b5013dafcd7f92d8e031c1881226d3def49be2a18fce70e10d0c53c7071afe
- SSDEEP
  
  3072:sQMTh30k6MWvcDAtooQ47vBCllqm5xd69jc0v:glQm5xd6NV
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence