cb11c15e4dd648b928f87c06a081d3750850472f36db4c7fb159afb1e4411b61 | Triage

Sharing

General

Target

10a14b8a8f05cd9065bed7bba193c0f0N
Size

376KB
Sample

240826-h1zlvstakr
MD5

10a14b8a8f05cd9065bed7bba193c0f0
SHA1

7083d61d2ff7b0d517a3b9956881765f07eff781
SHA256

cb11c15e4dd648b928f87c06a081d3750850472f36db4c7fb159afb1e4411b61
SHA512

c3c7e71e284572e6d9bb4e6b5d4592db8db4514dc0903d1b35aef44a8cfed501b1ef5ac33686c92a1415d7f0b47320ad3c209a71f205bcb0f91dd9cbf8b35134
SSDEEP

3072:AKqThb1FyVAURfE+HXAB0kCySYo0CkkhHs4WfO7:ctb1FyRs+HXc0uo0CkkW1fs

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  10a14b8a8f05cd9065bed7bba193c0f0N
- Size
  
  376KB
- MD5
  
  10a14b8a8f05cd9065bed7bba193c0f0
- SHA1
  
  7083d61d2ff7b0d517a3b9956881765f07eff781
- SHA256
  
  cb11c15e4dd648b928f87c06a081d3750850472f36db4c7fb159afb1e4411b61
- SHA512
  
  c3c7e71e284572e6d9bb4e6b5d4592db8db4514dc0903d1b35aef44a8cfed501b1ef5ac33686c92a1415d7f0b47320ad3c209a71f205bcb0f91dd9cbf8b35134
- SSDEEP
  
  3072:AKqThb1FyVAURfE+HXAB0kCySYo0CkkhHs4WfO7:ctb1FyRs+HXc0uo0CkkW1fs
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence