528e5aa47bd5ae6d5e9ba74d92745c3a75a3d7a5bc5f6e8d63e5bb8b34d6bcf4 | Triage

Sharing

General

Target

b5f5cc2560fa94620add52eb1eb62700N
Size

320KB
Sample

240826-j1rfxstejh
MD5

b5f5cc2560fa94620add52eb1eb62700
SHA1

a6011ce964b8e81bf0b202e02fb31b99f5d7deb3
SHA256

528e5aa47bd5ae6d5e9ba74d92745c3a75a3d7a5bc5f6e8d63e5bb8b34d6bcf4
SHA512

b2281b9267a8c5d8dec971e7680807f8fdccacbdf8edeefe76db7a9d7be39b458e7a2e481c36d57b68bf07d77686055c8788b09b7fc877f2ad90bc70bdf7eacb
SSDEEP

3072:c8qWmucF8j59ajuxKDmOAqi5v96ZRttzGYJpD9r8XxrYnQg4sIgQxzjGG1wsKmOL:c8XfNauMt1GyZ6YugQdjGG1wsKm06D4

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b5f5cc2560fa94620add52eb1eb62700N
- Size
  
  320KB
- MD5
  
  b5f5cc2560fa94620add52eb1eb62700
- SHA1
  
  a6011ce964b8e81bf0b202e02fb31b99f5d7deb3
- SHA256
  
  528e5aa47bd5ae6d5e9ba74d92745c3a75a3d7a5bc5f6e8d63e5bb8b34d6bcf4
- SHA512
  
  b2281b9267a8c5d8dec971e7680807f8fdccacbdf8edeefe76db7a9d7be39b458e7a2e481c36d57b68bf07d77686055c8788b09b7fc877f2ad90bc70bdf7eacb
- SSDEEP
  
  3072:c8qWmucF8j59ajuxKDmOAqi5v96ZRttzGYJpD9r8XxrYnQg4sIgQxzjGG1wsKmOL:c8XfNauMt1GyZ6YugQdjGG1wsKm06D4
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence