6ba5d31049db89a72d86436548f9052b58ac1a75d72bc59cac20df412f2763cf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ba5d31049db89a72d86436548f9052b58ac1a75d72bc59cac20df412f2763cf
Size

669KB
Sample

240902-2wt1cs1blf
MD5

d0f54ee2130072a95c61537a960ba21e
SHA1

16c3b58e3b5f440bb8cc24734ce4733311924631
SHA256

6ba5d31049db89a72d86436548f9052b58ac1a75d72bc59cac20df412f2763cf
SHA512

27a6ab844fe17fc992647e85453008e77f23df00860419f958772d4acb91a1215402342fc3169bf6e3ba6e95aa3225139af4e2d61b9c3c1f27711fc2e00fba33
SSDEEP

12288:BJr95CgxeVKhMpQnqr+cI3a72LXrY6x46UbR/qYglMi:Dr95RAchMpQnqrdX72LbY6x46uR/qYgL

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  6ba5d31049db89a72d86436548f9052b58ac1a75d72bc59cac20df412f2763cf
- Size
  
  669KB
- MD5
  
  d0f54ee2130072a95c61537a960ba21e
- SHA1
  
  16c3b58e3b5f440bb8cc24734ce4733311924631
- SHA256
  
  6ba5d31049db89a72d86436548f9052b58ac1a75d72bc59cac20df412f2763cf
- SHA512
  
  27a6ab844fe17fc992647e85453008e77f23df00860419f958772d4acb91a1215402342fc3169bf6e3ba6e95aa3225139af4e2d61b9c3c1f27711fc2e00fba33
- SSDEEP
  
  12288:BJr95CgxeVKhMpQnqr+cI3a72LXrY6x46UbR/qYglMi:Dr95RAchMpQnqrdX72LbY6x46uR/qYgL
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence