213c86b09bc6a37e64b4189e80d102a7b9b2c00108def7f983b1a90114b8ce5a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c5c4bcefb8f33d80197ca0238af6e2e0N.exe
Size

60KB
Sample

240902-fn96qascrk
MD5

c5c4bcefb8f33d80197ca0238af6e2e0
SHA1

ca58f533a4a72938fc839ab063230d55ef56f4f9
SHA256

213c86b09bc6a37e64b4189e80d102a7b9b2c00108def7f983b1a90114b8ce5a
SHA512

ada376941f3ce561b237a460f1f9818d91ae0616e6a25748e30560aeb3782e7ac1e479a39b9051731d44dd806fccaa9e9fd63eb21ab8c12a2dec7498af997d02
SSDEEP

768:DoBRJqtWXtQP2Y3X7HN1oAygGvYkRg4Rus5drKfW8r/1H5VB+XdnhMl/Xdnhps:D6JVivLHNqLBlRgJsCfW85PB86l1rs

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c5c4bcefb8f33d80197ca0238af6e2e0N.exe
- Size
  
  60KB
- MD5
  
  c5c4bcefb8f33d80197ca0238af6e2e0
- SHA1
  
  ca58f533a4a72938fc839ab063230d55ef56f4f9
- SHA256
  
  213c86b09bc6a37e64b4189e80d102a7b9b2c00108def7f983b1a90114b8ce5a
- SHA512
  
  ada376941f3ce561b237a460f1f9818d91ae0616e6a25748e30560aeb3782e7ac1e479a39b9051731d44dd806fccaa9e9fd63eb21ab8c12a2dec7498af997d02
- SSDEEP
  
  768:DoBRJqtWXtQP2Y3X7HN1oAygGvYkRg4Rus5drKfW8r/1H5VB+XdnhMl/Xdnhps:D6JVivLHNqLBlRgJsCfW85PB86l1rs
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence