30c05250df87c506143f6419b55bf60cd91421b23f1cfd10e7195761c8952fa5 | Triage

Sharing

General

Target

30c05250df87c506143f6419b55bf60cd91421b23f1cfd10e7195761c8952fa5
Size

303KB
Sample

240825-zaemfatbnh
MD5

216432f09bb8e402c3d28d88a614cc7c
SHA1

e11116dd3b2342e668ca53abf25e47f4fc3165e4
SHA256

30c05250df87c506143f6419b55bf60cd91421b23f1cfd10e7195761c8952fa5
SHA512

a82613a8d3478e77064ab0764f9a17a5b24b26e4c17ee4d36c8d3c16a77bca067d5dcd284014236b0858b4500825afc3f95f78a4950acdeedd910c9449d3fd58
SSDEEP

6144:ew/QMfT5CPXbo92ynnZlVrtv35CPXbo92ynn8sbeWDSpaH8m34:lvFHRFbeE8mo

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  30c05250df87c506143f6419b55bf60cd91421b23f1cfd10e7195761c8952fa5
- Size
  
  303KB
- MD5
  
  216432f09bb8e402c3d28d88a614cc7c
- SHA1
  
  e11116dd3b2342e668ca53abf25e47f4fc3165e4
- SHA256
  
  30c05250df87c506143f6419b55bf60cd91421b23f1cfd10e7195761c8952fa5
- SHA512
  
  a82613a8d3478e77064ab0764f9a17a5b24b26e4c17ee4d36c8d3c16a77bca067d5dcd284014236b0858b4500825afc3f95f78a4950acdeedd910c9449d3fd58
- SSDEEP
  
  6144:ew/QMfT5CPXbo92ynnZlVrtv35CPXbo92ynn8sbeWDSpaH8m34:lvFHRFbeE8mo
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence