6ae2d42285480d43e182fd9fc6d003b68d6fec3bcd7a3823c7b52839bdb4c8fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4bb8576814ceb59e2eb211dfb96bf570N
Size

128KB
Sample

240826-be148swckg
MD5

4bb8576814ceb59e2eb211dfb96bf570
SHA1

843cce668e1a9a8edcb5d12179da369031d73b1c
SHA256

6ae2d42285480d43e182fd9fc6d003b68d6fec3bcd7a3823c7b52839bdb4c8fc
SHA512

09dcbc81a4bdb441272721ecb46f833967c68c0742594ce9f5632485ff922aed3b1489ac69627c3d7a6af732cddcbd9139f20fc2512455e665deb451b148ffdf
SSDEEP

3072:rvWyHaRr/xV+iNeCSJdEN0s4WE+3S9pui6yYPaI7DX:ruy6xxWXENm+3Mpui6yYPaI/

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  4bb8576814ceb59e2eb211dfb96bf570N
- Size
  
  128KB
- MD5
  
  4bb8576814ceb59e2eb211dfb96bf570
- SHA1
  
  843cce668e1a9a8edcb5d12179da369031d73b1c
- SHA256
  
  6ae2d42285480d43e182fd9fc6d003b68d6fec3bcd7a3823c7b52839bdb4c8fc
- SHA512
  
  09dcbc81a4bdb441272721ecb46f833967c68c0742594ce9f5632485ff922aed3b1489ac69627c3d7a6af732cddcbd9139f20fc2512455e665deb451b148ffdf
- SSDEEP
  
  3072:rvWyHaRr/xV+iNeCSJdEN0s4WE+3S9pui6yYPaI7DX:ruy6xxWXENm+3Mpui6yYPaI/
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence