d89591c4909c6bf72675dbc620d6b9164d4b8814312d20cef6f75846172e24d3 | Triage

Sharing

General

Target

48e909b9a445b314bbbbe155734fee60N.exe
Size

512KB
Sample

240825-ssqdbssfql
MD5

48e909b9a445b314bbbbe155734fee60
SHA1

2ac8bcc4ebeb0abff016b57868a5d6524070ac7a
SHA256

d89591c4909c6bf72675dbc620d6b9164d4b8814312d20cef6f75846172e24d3
SHA512

21e2ce28e0ece3b5a115f04445d471f2b9b0b5bd60643a70c94cb2d0bb1490c0e72c97efe5ad5fd57b7a81bf3bdeb2dabbdecba8127d59ebe3cb99ff422cda65
SSDEEP

6144:g8wf/qtrdQt383PQ///NR5fKr2n0MO3LPlkUCmVs5bPQ///NR5fjlt01PB93GxK:gzBr/Ng1/Nblt01PBExK

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  48e909b9a445b314bbbbe155734fee60N.exe
- Size
  
  512KB
- MD5
  
  48e909b9a445b314bbbbe155734fee60
- SHA1
  
  2ac8bcc4ebeb0abff016b57868a5d6524070ac7a
- SHA256
  
  d89591c4909c6bf72675dbc620d6b9164d4b8814312d20cef6f75846172e24d3
- SHA512
  
  21e2ce28e0ece3b5a115f04445d471f2b9b0b5bd60643a70c94cb2d0bb1490c0e72c97efe5ad5fd57b7a81bf3bdeb2dabbdecba8127d59ebe3cb99ff422cda65
- SSDEEP
  
  6144:g8wf/qtrdQt383PQ///NR5fKr2n0MO3LPlkUCmVs5bPQ///NR5fjlt01PB93GxK:gzBr/Ng1/Nblt01PBExK
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence