cdad85ec6cd6f41e0acebd71dcba61c88b7dd4d4577c6864a7f485a3d9637558 | Triage

Sharing

General

Target

7b65596a9172e2fa7af5579657ae9100N.exe
Size

71KB
Sample

240901-zplpassbld
MD5

7b65596a9172e2fa7af5579657ae9100
SHA1

d62cd390f30e39ae5ec8a0cc422ad8ef312fbbb0
SHA256

cdad85ec6cd6f41e0acebd71dcba61c88b7dd4d4577c6864a7f485a3d9637558
SHA512

e1df364eb775c11477f88201b8c7852333b529c86c5b284a4e1906d7ab988f6bb7e7642d42ed29b02665e067477bf29b9d0c66f2ad0a526b830c6c165d838dd1
SSDEEP

1536:x83OM+X00+3Ev7d68MIWxt1z561qCl1aTjjBCzofJWQyO5aVQRQ6K1P+ATT:G+XB+Ujo87Wxt1z561qiCBC80+5aKepB

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  7b65596a9172e2fa7af5579657ae9100N.exe
- Size
  
  71KB
- MD5
  
  7b65596a9172e2fa7af5579657ae9100
- SHA1
  
  d62cd390f30e39ae5ec8a0cc422ad8ef312fbbb0
- SHA256
  
  cdad85ec6cd6f41e0acebd71dcba61c88b7dd4d4577c6864a7f485a3d9637558
- SHA512
  
  e1df364eb775c11477f88201b8c7852333b529c86c5b284a4e1906d7ab988f6bb7e7642d42ed29b02665e067477bf29b9d0c66f2ad0a526b830c6c165d838dd1
- SSDEEP
  
  1536:x83OM+X00+3Ev7d68MIWxt1z561qCl1aTjjBCzofJWQyO5aVQRQ6K1P+ATT:G+XB+Ujo87Wxt1z561qiCBC80+5aKepB
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence