56255daf63f5d9e0f0940ea65311ba5e64aee4b6190a4a4ff17ed171e526978d | Triage

Sharing

General

Target

8c1905e911180543cf58378976d59a70N.exe
Size

465KB
Sample

240901-efs2ss1bnn
MD5

8c1905e911180543cf58378976d59a70
SHA1

c8ec0ad64104a4ec0aba2416e613c9af7468452c
SHA256

56255daf63f5d9e0f0940ea65311ba5e64aee4b6190a4a4ff17ed171e526978d
SHA512

594d74b0b5914b8b3f71dea1b5053759252e5f81fd7ea59ed17c7d3df6a4eecb62d7fb3ecdbd6ccdd37f4818acd432491c4046bff99d5b55839413d0ff409c8c
SSDEEP

6144:qz1SqOILKpn/a5/VF5V4lKjIbvBhRJfzSf9x7N/I7b9M:qdO8S/WNLKlUmpRe94a

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8c1905e911180543cf58378976d59a70N.exe
- Size
  
  465KB
- MD5
  
  8c1905e911180543cf58378976d59a70
- SHA1
  
  c8ec0ad64104a4ec0aba2416e613c9af7468452c
- SHA256
  
  56255daf63f5d9e0f0940ea65311ba5e64aee4b6190a4a4ff17ed171e526978d
- SHA512
  
  594d74b0b5914b8b3f71dea1b5053759252e5f81fd7ea59ed17c7d3df6a4eecb62d7fb3ecdbd6ccdd37f4818acd432491c4046bff99d5b55839413d0ff409c8c
- SSDEEP
  
  6144:qz1SqOILKpn/a5/VF5V4lKjIbvBhRJfzSf9x7N/I7b9M:qdO8S/WNLKlUmpRe94a
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence