0316c0cd354a544e25384de24c6a9ea0b6cf311a715ddb32cfaf371d8c33edc1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0316c0cd354a544e25384de24c6a9ea0b6cf311a715ddb32cfaf371d8c33edc1
Size

49KB
Sample

240829-yhw11szdrr
MD5

1308a51b6e92f37f07d39b6320c1a5c3
SHA1

f92261fa2a438bf62060abbae1e692f1193dcce4
SHA256

0316c0cd354a544e25384de24c6a9ea0b6cf311a715ddb32cfaf371d8c33edc1
SHA512

d660ab9d5c11abc96c3fc9a5c1362fbbd5b0842cad37486262511d1e50cded039a7417474431d50fa04fc73cd3d51557f952a4e30931a3959aa2bab838737de5
SSDEEP

768:EIwA29ndlA7xmDyqW2Z3Ryb/PLXNw1VNsb4+PNBvWnZJyAi/1H5p2Xdnh7:EDA2RdCmOqvdwbrXNw1bsb4+lBY+AoUl

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0316c0cd354a544e25384de24c6a9ea0b6cf311a715ddb32cfaf371d8c33edc1
- Size
  
  49KB
- MD5
  
  1308a51b6e92f37f07d39b6320c1a5c3
- SHA1
  
  f92261fa2a438bf62060abbae1e692f1193dcce4
- SHA256
  
  0316c0cd354a544e25384de24c6a9ea0b6cf311a715ddb32cfaf371d8c33edc1
- SHA512
  
  d660ab9d5c11abc96c3fc9a5c1362fbbd5b0842cad37486262511d1e50cded039a7417474431d50fa04fc73cd3d51557f952a4e30931a3959aa2bab838737de5
- SSDEEP
  
  768:EIwA29ndlA7xmDyqW2Z3Ryb/PLXNw1VNsb4+PNBvWnZJyAi/1H5p2Xdnh7:EDA2RdCmOqvdwbrXNw1bsb4+lBY+AoUl
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence