df922842d6356d50ebbe4e64bd60bb49a9ead2acbad27a2b7269b6339ee48314 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df922842d6356d50ebbe4e64bd60bb49a9ead2acbad27a2b7269b6339ee48314
Size

94KB
Sample

240902-fjt9pssbrp
MD5

43b63d7d01a822604e9004816917bb5c
SHA1

be171ccf99086c954717df0af3c66d89382f7a51
SHA256

df922842d6356d50ebbe4e64bd60bb49a9ead2acbad27a2b7269b6339ee48314
SHA512

1757c832af6f5c790a4d44ef167c71c3984d9b4d2317d72f4a96977c0dfa69dd41397356a3426a23e32ad431fd6814dd502e79c2f5406e0c2b547a3de8756c2d
SSDEEP

1536:XbR31h6knPzkzPhArjGoljoU8KamRoCdG7oGnvsZWsD7BR9L4DT2EnINs:XbpdrkzZArljramRo2G7QIsD6+ob

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  df922842d6356d50ebbe4e64bd60bb49a9ead2acbad27a2b7269b6339ee48314
- Size
  
  94KB
- MD5
  
  43b63d7d01a822604e9004816917bb5c
- SHA1
  
  be171ccf99086c954717df0af3c66d89382f7a51
- SHA256
  
  df922842d6356d50ebbe4e64bd60bb49a9ead2acbad27a2b7269b6339ee48314
- SHA512
  
  1757c832af6f5c790a4d44ef167c71c3984d9b4d2317d72f4a96977c0dfa69dd41397356a3426a23e32ad431fd6814dd502e79c2f5406e0c2b547a3de8756c2d
- SSDEEP
  
  1536:XbR31h6knPzkzPhArjGoljoU8KamRoCdG7oGnvsZWsD7BR9L4DT2EnINs:XbpdrkzZArljramRo2G7QIsD6+ob
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence