3066dec99a8a3966f6f74cb5b58af5636825a7f9f7e8a0c262684de1884eaf4d | Triage

Sharing

General

Target

a8ad524a6eed5d30be6aa2368c4adf10N.exe
Size

84KB
Sample

240901-wgfljayala
MD5

a8ad524a6eed5d30be6aa2368c4adf10
SHA1

12c67ca3b0546e6c280bd5f313b97fd874151cf6
SHA256

3066dec99a8a3966f6f74cb5b58af5636825a7f9f7e8a0c262684de1884eaf4d
SHA512

1a8febea99e83aa47bf84e999b8e51efe3f016424ebb9e5ec59439c9652eb31df0879442d54eb348edb9f92ff3537543f3808ba2448effbcd975ea17df1c3133
SSDEEP

1536:9/cQFYK2K5kge84GzsTDFgrGeT8ANZLvfPDyH6n8dEelLYR7xeGSmUmmmmmmmmm1:9/cBK/5k84GzcFrez3PDyH6n8djlLYRx

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  a8ad524a6eed5d30be6aa2368c4adf10N.exe
- Size
  
  84KB
- MD5
  
  a8ad524a6eed5d30be6aa2368c4adf10
- SHA1
  
  12c67ca3b0546e6c280bd5f313b97fd874151cf6
- SHA256
  
  3066dec99a8a3966f6f74cb5b58af5636825a7f9f7e8a0c262684de1884eaf4d
- SHA512
  
  1a8febea99e83aa47bf84e999b8e51efe3f016424ebb9e5ec59439c9652eb31df0879442d54eb348edb9f92ff3537543f3808ba2448effbcd975ea17df1c3133
- SSDEEP
  
  1536:9/cQFYK2K5kge84GzsTDFgrGeT8ANZLvfPDyH6n8dEelLYR7xeGSmUmmmmmmmmm1:9/cBK/5k84GzcFrez3PDyH6n8djlLYRx
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence