eec1d5937906363e28d8d6e74e0db721ee94e16de384601ec265d2cf77157618 | Triage

Sharing

General

Target

eec1d5937906363e28d8d6e74e0db721ee94e16de384601ec265d2cf77157618
Size

242KB
Sample

240829-fjwgrswfpr
MD5

303c5c72edf8b01efb4dec274d84ee42
SHA1

bda1abba0ea738a574d649c63c29f5998c272706
SHA256

eec1d5937906363e28d8d6e74e0db721ee94e16de384601ec265d2cf77157618
SHA512

0c67fdaff51f46570762e8b677fb2326f81f3e51bc67fa0fdbfb52c43887839528bbb9e86040a9093941a3d32f1ab16c9dda372a17b8a1cc3e686c416b4b5fdd
SSDEEP

3072:wrrujj2kgemJGVrYhV6V8ZLB6V16VKcWmjR:6rCjJ9YhV66LB6X62

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  eec1d5937906363e28d8d6e74e0db721ee94e16de384601ec265d2cf77157618
- Size
  
  242KB
- MD5
  
  303c5c72edf8b01efb4dec274d84ee42
- SHA1
  
  bda1abba0ea738a574d649c63c29f5998c272706
- SHA256
  
  eec1d5937906363e28d8d6e74e0db721ee94e16de384601ec265d2cf77157618
- SHA512
  
  0c67fdaff51f46570762e8b677fb2326f81f3e51bc67fa0fdbfb52c43887839528bbb9e86040a9093941a3d32f1ab16c9dda372a17b8a1cc3e686c416b4b5fdd
- SSDEEP
  
  3072:wrrujj2kgemJGVrYhV6V8ZLB6V16VKcWmjR:6rCjJ9YhV66LB6X62
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence