a5f4780a3ed7659dec91cebcc80f9e8f00fd8dbe2a1338e0fa3528497185ebc7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5f4780a3ed7659dec91cebcc80f9e8f00fd8dbe2a1338e0fa3528497185ebc7
Size

152KB
Sample

240902-chpq2szcke
MD5

0d2728d27d8cc54af66ac98fc7ca0036
SHA1

5f3912fbf1cd1a54d3909c9701d363bee5fc8e19
SHA256

a5f4780a3ed7659dec91cebcc80f9e8f00fd8dbe2a1338e0fa3528497185ebc7
SHA512

91cc35a37fb40d46a3f7e28a0ecbff8246f78fea2d0246911719fda40cbf886014497c717f57130557210db5b651b4040135af7643a409946e1a0645a5c05d4a
SSDEEP

1536:d1rqYp7Onx5P0BmFsIlsz2/j4vltZRA5tC:fqYknxG4Fnls6/j4vltZ0I

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  a5f4780a3ed7659dec91cebcc80f9e8f00fd8dbe2a1338e0fa3528497185ebc7
- Size
  
  152KB
- MD5
  
  0d2728d27d8cc54af66ac98fc7ca0036
- SHA1
  
  5f3912fbf1cd1a54d3909c9701d363bee5fc8e19
- SHA256
  
  a5f4780a3ed7659dec91cebcc80f9e8f00fd8dbe2a1338e0fa3528497185ebc7
- SHA512
  
  91cc35a37fb40d46a3f7e28a0ecbff8246f78fea2d0246911719fda40cbf886014497c717f57130557210db5b651b4040135af7643a409946e1a0645a5c05d4a
- SSDEEP
  
  1536:d1rqYp7Onx5P0BmFsIlsz2/j4vltZRA5tC:fqYknxG4Fnls6/j4vltZ0I
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence