e6376cb7c11e669a5dc36bf568ecdf7b1964abd1f2980f6b847b88105b6918d8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e6376cb7c11e669a5dc36bf568ecdf7b1964abd1f2980f6b847b88105b6918d8
Size

91KB
Sample

240829-e2bdwavhpj
MD5

662cfdf2d56207afc4057bebb5ae609d
SHA1

5e4b7a0ab7784e111461346c9c7e0b1709299425
SHA256

e6376cb7c11e669a5dc36bf568ecdf7b1964abd1f2980f6b847b88105b6918d8
SHA512

cef4468962297ad0c88ca1de4be357af0690ab8c05fbabb6bc658ec62cb0b14d7e3e94b19fe1ac99720bb56eaffcb53b413771b4ed59e8d781de8e8e34a2b619
SSDEEP

1536:sr2tCvVZoikOLGp1tQBm1dMbEGyRVfeDQtob1xS15UJy/vSGw:PWZo6d41dMbEGyBGMV/vSGw

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  e6376cb7c11e669a5dc36bf568ecdf7b1964abd1f2980f6b847b88105b6918d8
- Size
  
  91KB
- MD5
  
  662cfdf2d56207afc4057bebb5ae609d
- SHA1
  
  5e4b7a0ab7784e111461346c9c7e0b1709299425
- SHA256
  
  e6376cb7c11e669a5dc36bf568ecdf7b1964abd1f2980f6b847b88105b6918d8
- SHA512
  
  cef4468962297ad0c88ca1de4be357af0690ab8c05fbabb6bc658ec62cb0b14d7e3e94b19fe1ac99720bb56eaffcb53b413771b4ed59e8d781de8e8e34a2b619
- SSDEEP
  
  1536:sr2tCvVZoikOLGp1tQBm1dMbEGyRVfeDQtob1xS15UJy/vSGw:PWZo6d41dMbEGyBGMV/vSGw
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence