868aef2b5200c441cdcc29c6832560fc565afe29f95f60068a5df103b67d2381 | Triage

Sharing

General

Target

05e8c41df026434df7947a9529b0cea0N
Size

1.3MB
Sample

240825-zps4davbjd
MD5

05e8c41df026434df7947a9529b0cea0
SHA1

d2b44eb5c5d46e0af1ef16fa7e8002bfc09f4bd5
SHA256

868aef2b5200c441cdcc29c6832560fc565afe29f95f60068a5df103b67d2381
SHA512

ed1d2f12c360a29726245374d044f877989d1761b3f9b8cdbf4d81a3bb10476831b90240bbffa5d832c3aa64809b2173f7cfa594f5d2fac8d908a7691c7c49cc
SSDEEP

6144:LLjLSivtGQE5ZC2npb+oB+Zz2HG8t0DoEWufVuvw0HBHY8rQ+6bPD3wPSk8ymL2G:L9Abaz22cWfVaw0HBHY8r8ABjMn

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  05e8c41df026434df7947a9529b0cea0N
- Size
  
  1.3MB
- MD5
  
  05e8c41df026434df7947a9529b0cea0
- SHA1
  
  d2b44eb5c5d46e0af1ef16fa7e8002bfc09f4bd5
- SHA256
  
  868aef2b5200c441cdcc29c6832560fc565afe29f95f60068a5df103b67d2381
- SHA512
  
  ed1d2f12c360a29726245374d044f877989d1761b3f9b8cdbf4d81a3bb10476831b90240bbffa5d832c3aa64809b2173f7cfa594f5d2fac8d908a7691c7c49cc
- SSDEEP
  
  6144:LLjLSivtGQE5ZC2npb+oB+Zz2HG8t0DoEWufVuvw0HBHY8rQ+6bPD3wPSk8ymL2G:L9Abaz22cWfVaw0HBHY8r8ABjMn
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence