b3fbcf5bad89161d7a97773e86bfd777670b7411262ab5dbe64cf4fd260dcebb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3fbcf5bad89161d7a97773e86bfd777670b7411262ab5dbe64cf4fd260dcebb
Size

165KB
Sample

240901-b7fn1axhkl
MD5

d221a6ed2b71aee90b7b067775bd6fa7
SHA1

b4948f074ccfca1ba6ff6ea88c79e5aff36f8131
SHA256

b3fbcf5bad89161d7a97773e86bfd777670b7411262ab5dbe64cf4fd260dcebb
SHA512

7b918959988454c8bed21d42acda88592659a9dd25b091ef8a5fe54fd8b7e627a51a344c4034c0b2466cbe51b7417d9bc72b36e755eab5c91db94f3c882980c6
SSDEEP

3072:2tTPX4gC5FDRRT3vQfEdArGzHq+egM5bylnO/hZP:2tr4gC5FFRbQMdArGzHregqgnO

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b3fbcf5bad89161d7a97773e86bfd777670b7411262ab5dbe64cf4fd260dcebb
- Size
  
  165KB
- MD5
  
  d221a6ed2b71aee90b7b067775bd6fa7
- SHA1
  
  b4948f074ccfca1ba6ff6ea88c79e5aff36f8131
- SHA256
  
  b3fbcf5bad89161d7a97773e86bfd777670b7411262ab5dbe64cf4fd260dcebb
- SHA512
  
  7b918959988454c8bed21d42acda88592659a9dd25b091ef8a5fe54fd8b7e627a51a344c4034c0b2466cbe51b7417d9bc72b36e755eab5c91db94f3c882980c6
- SSDEEP
  
  3072:2tTPX4gC5FDRRT3vQfEdArGzHq+egM5bylnO/hZP:2tr4gC5FFRbQMdArGzHregqgnO
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence