1f43f76657beca459f1be55627beb22a373969288397c8fc6d5714a998f63abf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb8e10b5c2c09957352e6af22328ed90N.exe
Size

80KB
Sample

240825-mp4tna1hkl
MD5

fb8e10b5c2c09957352e6af22328ed90
SHA1

348fa449f46e5f077c89ee811a07b2cff00b4f2b
SHA256

1f43f76657beca459f1be55627beb22a373969288397c8fc6d5714a998f63abf
SHA512

fd689fa2ac5303f9ae609b82cb9bd25cf4db40a606e9220f70fe6446afa277bae3f9f67e66d43cafa2e3ae0a85966f223ae9d073f5a8d8e37797c8d7fd2f84ea
SSDEEP

1536:WqbEfYkl22DxuTQKnR7NjjizDfWqdMVrlEFtyb7IYOOqw4Tv:W/PoLizTWqAhELy1MTTv

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  fb8e10b5c2c09957352e6af22328ed90N.exe
- Size
  
  80KB
- MD5
  
  fb8e10b5c2c09957352e6af22328ed90
- SHA1
  
  348fa449f46e5f077c89ee811a07b2cff00b4f2b
- SHA256
  
  1f43f76657beca459f1be55627beb22a373969288397c8fc6d5714a998f63abf
- SHA512
  
  fd689fa2ac5303f9ae609b82cb9bd25cf4db40a606e9220f70fe6446afa277bae3f9f67e66d43cafa2e3ae0a85966f223ae9d073f5a8d8e37797c8d7fd2f84ea
- SSDEEP
  
  1536:WqbEfYkl22DxuTQKnR7NjjizDfWqdMVrlEFtyb7IYOOqw4Tv:W/PoLizTWqAhELy1MTTv
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence