52efff5f90ffedf3ed0093d1a1adbea87c6cc1ad2a211eb8443f21424931911e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79219376ee71d09aaf781e40d813fc10N.exe
Size

364KB
Sample

240828-2brdqs1flr
MD5

79219376ee71d09aaf781e40d813fc10
SHA1

41507b922919f89735d9184fd12e1358f3893c7f
SHA256

52efff5f90ffedf3ed0093d1a1adbea87c6cc1ad2a211eb8443f21424931911e
SHA512

71e7e2f5752f07e97f26e57a34c4a2d9330732e9fcc77ddc8361061ed01d406de2eefd78a66bc33eb729b3274fbacf85ab9f4d8c3712d22a3ff2dac12d9eaf45
SSDEEP

6144:PmhYJ3NU29V+tbFOLM77OLnFe3HCqxNRmJ4PavntPRRI:7qtsNePmjvtPRRI

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  79219376ee71d09aaf781e40d813fc10N.exe
- Size
  
  364KB
- MD5
  
  79219376ee71d09aaf781e40d813fc10
- SHA1
  
  41507b922919f89735d9184fd12e1358f3893c7f
- SHA256
  
  52efff5f90ffedf3ed0093d1a1adbea87c6cc1ad2a211eb8443f21424931911e
- SHA512
  
  71e7e2f5752f07e97f26e57a34c4a2d9330732e9fcc77ddc8361061ed01d406de2eefd78a66bc33eb729b3274fbacf85ab9f4d8c3712d22a3ff2dac12d9eaf45
- SSDEEP
  
  6144:PmhYJ3NU29V+tbFOLM77OLnFe3HCqxNRmJ4PavntPRRI:7qtsNePmjvtPRRI
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence