0fd291d7f7057e478b5521c881d544624684cf03f42732db41d1caf6eab10778 | Triage

Sharing

General

Target

c86741199cb49b51df3c2f5c8ae39210N.exe
Size

512KB
Sample

240829-gqmzmsyfpj
MD5

c86741199cb49b51df3c2f5c8ae39210
SHA1

ae36ddca466442e18a2aaf29df27dcd878378643
SHA256

0fd291d7f7057e478b5521c881d544624684cf03f42732db41d1caf6eab10778
SHA512

cfd70a1745ceeb1daaae454d01ac3f27d6d08589b40a88f788a95c9e8f5ae0ed4dfca592e1a2a259320836acd322098a3b00dde282ee90d3c2746f53a8952122
SSDEEP

6144:wIZHHwa3XEBeY9oIOMcxDHBFLqWjjgwTgZLnSnLs:ZtwaElgXtHBFLPj3TmLnWs

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c86741199cb49b51df3c2f5c8ae39210N.exe
- Size
  
  512KB
- MD5
  
  c86741199cb49b51df3c2f5c8ae39210
- SHA1
  
  ae36ddca466442e18a2aaf29df27dcd878378643
- SHA256
  
  0fd291d7f7057e478b5521c881d544624684cf03f42732db41d1caf6eab10778
- SHA512
  
  cfd70a1745ceeb1daaae454d01ac3f27d6d08589b40a88f788a95c9e8f5ae0ed4dfca592e1a2a259320836acd322098a3b00dde282ee90d3c2746f53a8952122
- SSDEEP
  
  6144:wIZHHwa3XEBeY9oIOMcxDHBFLqWjjgwTgZLnSnLs:ZtwaElgXtHBFLPj3TmLnWs
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence