fee236c923b0e3ec22a97b664ea9be251a2c7736715d70e234c24cde9b64ea39 | Triage

Sharing

General

Target

8e5eb727de9b0ca6cd19f1b0ccca6470N.exe
Size

379KB
Sample

240825-ygq4dashqq
MD5

8e5eb727de9b0ca6cd19f1b0ccca6470
SHA1

814f2a227db3fbe82c34422c3a750fcaa2c672e1
SHA256

fee236c923b0e3ec22a97b664ea9be251a2c7736715d70e234c24cde9b64ea39
SHA512

1fc1a61a72278446bd6c9ad857242cbae078fcae91aba6b22862b431f455455dfe69e105e8907e6b032585774275708637e8ee3e6c190961e0cf7d9e100d9fe0
SSDEEP

6144:fV8UBli7O/0xLxli7O//yb1c3ccU0S6GyTgfiEkrE:N8U6vxr6lGHaXyTg6EkrE

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8e5eb727de9b0ca6cd19f1b0ccca6470N.exe
- Size
  
  379KB
- MD5
  
  8e5eb727de9b0ca6cd19f1b0ccca6470
- SHA1
  
  814f2a227db3fbe82c34422c3a750fcaa2c672e1
- SHA256
  
  fee236c923b0e3ec22a97b664ea9be251a2c7736715d70e234c24cde9b64ea39
- SHA512
  
  1fc1a61a72278446bd6c9ad857242cbae078fcae91aba6b22862b431f455455dfe69e105e8907e6b032585774275708637e8ee3e6c190961e0cf7d9e100d9fe0
- SSDEEP
  
  6144:fV8UBli7O/0xLxli7O//yb1c3ccU0S6GyTgfiEkrE:N8U6vxr6lGHaXyTg6EkrE
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence