236e54cb054dc9b609bf66a9e481eb1ff0351bb6e0a78b487ce15bc26f3e91dc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0025a030a38a3947ce1207617da91ca0N.exe
Size

87KB
Sample

240901-jjrelaverl
MD5

0025a030a38a3947ce1207617da91ca0
SHA1

4b3c521e19e3782abc1cbd790418ee47d2e4a28d
SHA256

236e54cb054dc9b609bf66a9e481eb1ff0351bb6e0a78b487ce15bc26f3e91dc
SHA512

70707d7729baa8384611c441aec81fc6a901fc003f4093114d2802566f7c3932405a81e2a476cc45caba78df23a4fb6d3f62b2df3477fb598ade51bcf1fce3f7
SSDEEP

1536:WORdIhVtMd6L9FEJCWWHcqC66J7uG4J053BZrJtCzRQ44RSRBDNrR0RVe7R6R8R8:pRdiHZFEJoHcqd6J7uf0RrX0eVAnDlmH

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0025a030a38a3947ce1207617da91ca0N.exe
- Size
  
  87KB
- MD5
  
  0025a030a38a3947ce1207617da91ca0
- SHA1
  
  4b3c521e19e3782abc1cbd790418ee47d2e4a28d
- SHA256
  
  236e54cb054dc9b609bf66a9e481eb1ff0351bb6e0a78b487ce15bc26f3e91dc
- SHA512
  
  70707d7729baa8384611c441aec81fc6a901fc003f4093114d2802566f7c3932405a81e2a476cc45caba78df23a4fb6d3f62b2df3477fb598ade51bcf1fce3f7
- SSDEEP
  
  1536:WORdIhVtMd6L9FEJCWWHcqC66J7uG4J053BZrJtCzRQ44RSRBDNrR0RVe7R6R8R8:pRdiHZFEJoHcqd6J7uf0RrX0eVAnDlmH
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence