18b2ae674d12eb07b9ed66b6cafebc3fa8f20c29d6531984b2eb7aca22215e04 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18b2ae674d12eb07b9ed66b6cafebc3fa8f20c29d6531984b2eb7aca22215e04
Size

75KB
Sample

240829-x8k6rsyhrp
MD5

49722cbb9a0d4494a894f588febc4f0b
SHA1

44958210cdaa263367af73f0e9cf3ddacc476ddd
SHA256

18b2ae674d12eb07b9ed66b6cafebc3fa8f20c29d6531984b2eb7aca22215e04
SHA512

3c6c0f25acdc5cce22a5c99ae6c4e2df05ae686f8f8d09ab4ed22aa49bd08116173008d68ce37ec46828511cebf12fbcf29f7112f5dbbf55c5452ef1728b1948
SSDEEP

1536:nSbKKhWlDPG+kmK7bObdToHqBO53q52IrFH:HKhWU+46bdMKBg3qv

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  18b2ae674d12eb07b9ed66b6cafebc3fa8f20c29d6531984b2eb7aca22215e04
- Size
  
  75KB
- MD5
  
  49722cbb9a0d4494a894f588febc4f0b
- SHA1
  
  44958210cdaa263367af73f0e9cf3ddacc476ddd
- SHA256
  
  18b2ae674d12eb07b9ed66b6cafebc3fa8f20c29d6531984b2eb7aca22215e04
- SHA512
  
  3c6c0f25acdc5cce22a5c99ae6c4e2df05ae686f8f8d09ab4ed22aa49bd08116173008d68ce37ec46828511cebf12fbcf29f7112f5dbbf55c5452ef1728b1948
- SSDEEP
  
  1536:nSbKKhWlDPG+kmK7bObdToHqBO53q52IrFH:HKhWU+46bdMKBg3qv
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence