8e4848911ed8ffc33c04c2cf4c1bea31604a75dfae88a1b4994a6e9675eb6d7d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e4848911ed8ffc33c04c2cf4c1bea31604a75dfae88a1b4994a6e9675eb6d7d
Size

67KB
Sample

240826-arew4atgnh
MD5

299ebe267b1e6de368992d1db6a119a4
SHA1

5d8892356a75d30fb610a6c381a25f68b55ff159
SHA256

8e4848911ed8ffc33c04c2cf4c1bea31604a75dfae88a1b4994a6e9675eb6d7d
SHA512

8a5eff29d82137157cea98f5670bcbc5fe02a0dcbd0f21f5db93ca6c24bd26f5dc67cdfd22ba1b5d4ed42aaaea86a3b778298a96f8cde965760fd26cb028e6f9
SSDEEP

1536:CKCcT0JemNt/JMP9IIKEiYVVhU7UDtEuf7diRVA1cgCe8uC:TXTuBJMP9IVEiYVVh4UDtEuD4ReugCe8

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8e4848911ed8ffc33c04c2cf4c1bea31604a75dfae88a1b4994a6e9675eb6d7d
- Size
  
  67KB
- MD5
  
  299ebe267b1e6de368992d1db6a119a4
- SHA1
  
  5d8892356a75d30fb610a6c381a25f68b55ff159
- SHA256
  
  8e4848911ed8ffc33c04c2cf4c1bea31604a75dfae88a1b4994a6e9675eb6d7d
- SHA512
  
  8a5eff29d82137157cea98f5670bcbc5fe02a0dcbd0f21f5db93ca6c24bd26f5dc67cdfd22ba1b5d4ed42aaaea86a3b778298a96f8cde965760fd26cb028e6f9
- SSDEEP
  
  1536:CKCcT0JemNt/JMP9IIKEiYVVhU7UDtEuf7diRVA1cgCe8uC:TXTuBJMP9IVEiYVVh4UDtEuD4ReugCe8
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence