5c89ecd334c5c2643a803a8dbab580450563cc2d7d1805db4f0ecda042810c04 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d665af2a4ffb04534ff93ce0a149940N.exe
Size

55KB
Sample

240825-kpztlavgjf
MD5

5d665af2a4ffb04534ff93ce0a149940
SHA1

bd1a2d9ee673c04feaf50bb259b83fdcd8a34244
SHA256

5c89ecd334c5c2643a803a8dbab580450563cc2d7d1805db4f0ecda042810c04
SHA512

de490b4ece0a4267f76ac32f934d221313e5ae19065ecfd3c37cccabdf90435d81aa054c6ca50b2dc5c47c9452f3218ca75a94c69b527bec72f8ba33d278becb
SSDEEP

768:kWwK/TlalPISQXJKDvdljdxsfjeCC0djL7EG0g6vnbVedoFy82p/1H5dXdnh:tMpxQXmjYD0g6PLJ2Lx

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  5d665af2a4ffb04534ff93ce0a149940N.exe
- Size
  
  55KB
- MD5
  
  5d665af2a4ffb04534ff93ce0a149940
- SHA1
  
  bd1a2d9ee673c04feaf50bb259b83fdcd8a34244
- SHA256
  
  5c89ecd334c5c2643a803a8dbab580450563cc2d7d1805db4f0ecda042810c04
- SHA512
  
  de490b4ece0a4267f76ac32f934d221313e5ae19065ecfd3c37cccabdf90435d81aa054c6ca50b2dc5c47c9452f3218ca75a94c69b527bec72f8ba33d278becb
- SSDEEP
  
  768:kWwK/TlalPISQXJKDvdljdxsfjeCC0djL7EG0g6vnbVedoFy82p/1H5dXdnh:tMpxQXmjYD0g6PLJ2Lx
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence