638108a73ccc4e5fbf8ab868f165a64ec1909f93efcc1bf98f08c3ad366e2b1b | Triage

Sharing

General

Target

638108a73ccc4e5fbf8ab868f165a64ec1909f93efcc1bf98f08c3ad366e2b1b
Size

295KB
Sample

240902-2g9ghaygkr
MD5

ef873f2e6ca5f0bd6f0329b286785100
SHA1

705eda8ad1cc2a8af9998ea5f803785e70b5d415
SHA256

638108a73ccc4e5fbf8ab868f165a64ec1909f93efcc1bf98f08c3ad366e2b1b
SHA512

071e078e8216befce046616d9702697de5e7e50dd5aaaf4aa67a4b1bf6f52e59b757699e490dc8ba1fc9c042c8b76a7a1d9639dcb549e2b2f9cb92fbb9b5034f
SSDEEP

3072:qyxJEwhrtYKYrpBwHT0jY7lY7M+NYgTPB:qJwhrWXrpiCo+BTPB

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  638108a73ccc4e5fbf8ab868f165a64ec1909f93efcc1bf98f08c3ad366e2b1b
- Size
  
  295KB
- MD5
  
  ef873f2e6ca5f0bd6f0329b286785100
- SHA1
  
  705eda8ad1cc2a8af9998ea5f803785e70b5d415
- SHA256
  
  638108a73ccc4e5fbf8ab868f165a64ec1909f93efcc1bf98f08c3ad366e2b1b
- SHA512
  
  071e078e8216befce046616d9702697de5e7e50dd5aaaf4aa67a4b1bf6f52e59b757699e490dc8ba1fc9c042c8b76a7a1d9639dcb549e2b2f9cb92fbb9b5034f
- SSDEEP
  
  3072:qyxJEwhrtYKYrpBwHT0jY7lY7M+NYgTPB:qJwhrWXrpiCo+BTPB
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence