d6ec163f116ee31d31960e68e3be5b94b63990c17848f93c347f20483ebe93db | Triage

Sharing

General

Target

fa4bbb7421dfa6e06e06ed7782095470N.exe
Size

768KB
Sample

240825-v8wamaxfrl
MD5

fa4bbb7421dfa6e06e06ed7782095470
SHA1

44980d996ce3500ac40883b990cc7c238281d7c1
SHA256

d6ec163f116ee31d31960e68e3be5b94b63990c17848f93c347f20483ebe93db
SHA512

a9004276cc5ae3141a5aced1209d677f7ca534e54ce310f41b43f34b151652601a3f0067a3c0610cf4fdb61c8f63ae5bff55d78f7a1afd8ebe9b9cca8c4fc862
SSDEEP

12288:AtVWGSY3UBFEqv36IveDVqvQ6IvYvc6IveDVqvQ6IvBaSHaMaZRBEYyqmaf2qwiv:AtVWGSY3UBSyq5h3q5htaSHFaZRBEYyE

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  fa4bbb7421dfa6e06e06ed7782095470N.exe
- Size
  
  768KB
- MD5
  
  fa4bbb7421dfa6e06e06ed7782095470
- SHA1
  
  44980d996ce3500ac40883b990cc7c238281d7c1
- SHA256
  
  d6ec163f116ee31d31960e68e3be5b94b63990c17848f93c347f20483ebe93db
- SHA512
  
  a9004276cc5ae3141a5aced1209d677f7ca534e54ce310f41b43f34b151652601a3f0067a3c0610cf4fdb61c8f63ae5bff55d78f7a1afd8ebe9b9cca8c4fc862
- SSDEEP
  
  12288:AtVWGSY3UBFEqv36IveDVqvQ6IvYvc6IveDVqvQ6IvBaSHaMaZRBEYyqmaf2qwiv:AtVWGSY3UBSyq5h3q5htaSHFaZRBEYyE
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence