e9d56a04736d696dea583c17d79e3f10d3e7b13eba2f77acdc299c3aabef19eb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e9d56a04736d696dea583c17d79e3f10d3e7b13eba2f77acdc299c3aabef19eb
Size

1000KB
Sample

240825-hjpqbszhja
MD5

4ac96c17d166be0379ed5bf64191f833
SHA1

083be555ec61f1f8c6dcae53b85a0e72c8792b8d
SHA256

e9d56a04736d696dea583c17d79e3f10d3e7b13eba2f77acdc299c3aabef19eb
SHA512

a5bd8975e9a1854feead7bd928061d1936d8da4104ee1b1efe4730dd3a4f40b27e89301e74b0470484fbd95d82d9a8e3014673e6011056fde46a8581a0b6fc98
SSDEEP

12288:EC9CeM/ktHBFLPj3TmLnWrOxNuxC97hFq9o7:F9CeM/ktHBFLPj368MoC9Dq9o7

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  e9d56a04736d696dea583c17d79e3f10d3e7b13eba2f77acdc299c3aabef19eb
- Size
  
  1000KB
- MD5
  
  4ac96c17d166be0379ed5bf64191f833
- SHA1
  
  083be555ec61f1f8c6dcae53b85a0e72c8792b8d
- SHA256
  
  e9d56a04736d696dea583c17d79e3f10d3e7b13eba2f77acdc299c3aabef19eb
- SHA512
  
  a5bd8975e9a1854feead7bd928061d1936d8da4104ee1b1efe4730dd3a4f40b27e89301e74b0470484fbd95d82d9a8e3014673e6011056fde46a8581a0b6fc98
- SSDEEP
  
  12288:EC9CeM/ktHBFLPj3TmLnWrOxNuxC97hFq9o7:F9CeM/ktHBFLPj368MoC9Dq9o7
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence