56970ae251de0a1bbf9655fb63aa76588ad796caccff19ff5df96bf24a6e7d5d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8af98eed85aa488fc95b3ec8affb54c0N.exe
Size

188KB
Sample

240825-sbpeps1hmp
MD5

8af98eed85aa488fc95b3ec8affb54c0
SHA1

86da2a655e683ba76e8cdb8155eebe46088e83f8
SHA256

56970ae251de0a1bbf9655fb63aa76588ad796caccff19ff5df96bf24a6e7d5d
SHA512

5bf2ba83baf05aab7d3bc069e6d839c56cdf531db51b14f9be53c6fcf535ca2fb3317db06360f24b45928c1f017af70e32b75fa7eb3525c003b570f4375415c7
SSDEEP

3072:mZe1Fhr0fNapsDiV6a7eaGEhuuuu4vCv1AerDtsr3vhqhEN4MAH+mbPepZBC8qzH:mZevhr0VaeDiIPaGEhuuuu4vCv1Aelhh

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8af98eed85aa488fc95b3ec8affb54c0N.exe
- Size
  
  188KB
- MD5
  
  8af98eed85aa488fc95b3ec8affb54c0
- SHA1
  
  86da2a655e683ba76e8cdb8155eebe46088e83f8
- SHA256
  
  56970ae251de0a1bbf9655fb63aa76588ad796caccff19ff5df96bf24a6e7d5d
- SHA512
  
  5bf2ba83baf05aab7d3bc069e6d839c56cdf531db51b14f9be53c6fcf535ca2fb3317db06360f24b45928c1f017af70e32b75fa7eb3525c003b570f4375415c7
- SSDEEP
  
  3072:mZe1Fhr0fNapsDiV6a7eaGEhuuuu4vCv1AerDtsr3vhqhEN4MAH+mbPepZBC8qzH:mZevhr0VaeDiIPaGEhuuuu4vCv1Aelhh
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence