573eb03320b8ff3c4fb7cd12ba24958484111d54752971cb6fee9ebf2ff62add | Triage

Sharing

General

Target

2a49e15ba741db57cf124c3c3f2a6d00N.exe
Size

148KB
Sample

240901-ez17hs1fkm
MD5

2a49e15ba741db57cf124c3c3f2a6d00
SHA1

7cf57d548a44428c3af27be64898d41b23189380
SHA256

573eb03320b8ff3c4fb7cd12ba24958484111d54752971cb6fee9ebf2ff62add
SHA512

0aa76c881501eaf59bc727ef909d0900f5383051ee4dfe5fa98a54b22ed6ef80d3d4aa15dcbf0d3c658055d11be20cda05cbe8de1dcec01aebf132de6c394797
SSDEEP

3072:nno3RBHUjXc9RhgY5OdzOdjKtlDoNQQ9wlHOdj+UCRQKOdj+U:nnoB1UDcrhgKOdzOdkOdezOd

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  2a49e15ba741db57cf124c3c3f2a6d00N.exe
- Size
  
  148KB
- MD5
  
  2a49e15ba741db57cf124c3c3f2a6d00
- SHA1
  
  7cf57d548a44428c3af27be64898d41b23189380
- SHA256
  
  573eb03320b8ff3c4fb7cd12ba24958484111d54752971cb6fee9ebf2ff62add
- SHA512
  
  0aa76c881501eaf59bc727ef909d0900f5383051ee4dfe5fa98a54b22ed6ef80d3d4aa15dcbf0d3c658055d11be20cda05cbe8de1dcec01aebf132de6c394797
- SSDEEP
  
  3072:nno3RBHUjXc9RhgY5OdzOdjKtlDoNQQ9wlHOdj+UCRQKOdj+U:nnoB1UDcrhgKOdzOdkOdezOd
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence