0ab163c230d6e4fdb2f7dff4ba5cf2b824e0351d42df1fcc2872652e9f95bb16 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6aa8b8f13ec9057ef6327991a0821630N.exe
Size

93KB
Sample

240901-3fsm2avdpq
MD5

6aa8b8f13ec9057ef6327991a0821630
SHA1

54195fa2a775cb12969dbdc8d7d9b6f436f990d5
SHA256

0ab163c230d6e4fdb2f7dff4ba5cf2b824e0351d42df1fcc2872652e9f95bb16
SHA512

0bfa6beca5bf45596398c2a837c082d7b27c6f933ac0e13b276ac9e808f784570d82e43675bb1cbfad4d9549ff028e1be496054bb14789ab38cdc251c9fd0389
SSDEEP

1536:54YTtqk7Iw+XFxGH3TEI7F2hc7Nd/Czhg+ijsRQoRkRLJzeLD9N0iQGRNQR8RyVd:54YTtqk7IwgqCCDgGkeoSJdEN0s4WE+a

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  6aa8b8f13ec9057ef6327991a0821630N.exe
- Size
  
  93KB
- MD5
  
  6aa8b8f13ec9057ef6327991a0821630
- SHA1
  
  54195fa2a775cb12969dbdc8d7d9b6f436f990d5
- SHA256
  
  0ab163c230d6e4fdb2f7dff4ba5cf2b824e0351d42df1fcc2872652e9f95bb16
- SHA512
  
  0bfa6beca5bf45596398c2a837c082d7b27c6f933ac0e13b276ac9e808f784570d82e43675bb1cbfad4d9549ff028e1be496054bb14789ab38cdc251c9fd0389
- SSDEEP
  
  1536:54YTtqk7Iw+XFxGH3TEI7F2hc7Nd/Czhg+ijsRQoRkRLJzeLD9N0iQGRNQR8RyVd:54YTtqk7IwgqCCDgGkeoSJdEN0s4WE+a
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence