18d6eb4c5c6dac366d1e6161a68e8f3152c3a5f09c81e4a8e9c8efcb4c651533 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a05493a39c8a58e36c2ae64dbc942ce0N.exe
Size

90KB
Sample

240902-b27kjaxhll
MD5

a05493a39c8a58e36c2ae64dbc942ce0
SHA1

8dda7c6074c97773f9a475bb9412e90d16fcf6e1
SHA256

18d6eb4c5c6dac366d1e6161a68e8f3152c3a5f09c81e4a8e9c8efcb4c651533
SHA512

e1d890d89dd3734ad3d2a8e956cac1492440c669d0c362fce5732a68dcface5fb7fbb0bad29dd631f816254dd83ebf7f6d346d3805b5de8f9e8bf2872aadd581
SSDEEP

1536:A3GxzJkDsM501kQfVIVBO393N6z+L4BabS39brLSZtLRUM0X3fOOQ/4BrGTI5Yxj:A3GxzJkwM501kQfVIVBw99f48ML4UM04

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  a05493a39c8a58e36c2ae64dbc942ce0N.exe
- Size
  
  90KB
- MD5
  
  a05493a39c8a58e36c2ae64dbc942ce0
- SHA1
  
  8dda7c6074c97773f9a475bb9412e90d16fcf6e1
- SHA256
  
  18d6eb4c5c6dac366d1e6161a68e8f3152c3a5f09c81e4a8e9c8efcb4c651533
- SHA512
  
  e1d890d89dd3734ad3d2a8e956cac1492440c669d0c362fce5732a68dcface5fb7fbb0bad29dd631f816254dd83ebf7f6d346d3805b5de8f9e8bf2872aadd581
- SSDEEP
  
  1536:A3GxzJkDsM501kQfVIVBO393N6z+L4BabS39brLSZtLRUM0X3fOOQ/4BrGTI5Yxj:A3GxzJkwM501kQfVIVBw99f48ML4UM04
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence