5e2f7adfa18c9cb327e8413e4fd09aa145a6cf1751dc8e7b374646029cf7e3ba | Triage

Sharing

General

Target

4feab9177cfe3551028e599ea16605d0N.exe
Size

173KB
Sample

240902-2x4wys1bph
MD5

4feab9177cfe3551028e599ea16605d0
SHA1

f9a4402ba0dc5821aea16da1f67fd646d36a8ab7
SHA256

5e2f7adfa18c9cb327e8413e4fd09aa145a6cf1751dc8e7b374646029cf7e3ba
SHA512

94f374db5f9c382684b2f9c6515a67015c572a525ba6b6d0f4a4912fa7b7215621d0d20bb8dbb353d382f524b006d489a7a415e75a56bce474a88143cbb7c608
SSDEEP

3072:iFOCgdYZY91EAB+s/vacknVwNtvSO06+ebX:iWKY91ElsHhYyNtvSO0e

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  4feab9177cfe3551028e599ea16605d0N.exe
- Size
  
  173KB
- MD5
  
  4feab9177cfe3551028e599ea16605d0
- SHA1
  
  f9a4402ba0dc5821aea16da1f67fd646d36a8ab7
- SHA256
  
  5e2f7adfa18c9cb327e8413e4fd09aa145a6cf1751dc8e7b374646029cf7e3ba
- SHA512
  
  94f374db5f9c382684b2f9c6515a67015c572a525ba6b6d0f4a4912fa7b7215621d0d20bb8dbb353d382f524b006d489a7a415e75a56bce474a88143cbb7c608
- SSDEEP
  
  3072:iFOCgdYZY91EAB+s/vacknVwNtvSO06+ebX:iWKY91ElsHhYyNtvSO0e
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence