d7c9c71d75db91911a11dd93c14a1cf520aa5051e8b247f88be4747ba562e0e0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ec1dea95bdd8e4aa6bcb181e149d1ba0N.exe
Size

304KB
Sample

240902-g4p16aveqc
MD5

ec1dea95bdd8e4aa6bcb181e149d1ba0
SHA1

f2e657f3a4e735886419ed562d1aeaef6fc7d5b1
SHA256

d7c9c71d75db91911a11dd93c14a1cf520aa5051e8b247f88be4747ba562e0e0
SHA512

ba1a171320a16a6d623fd5c590c388a33683190058a8ad02b624569c6662dc4826160a22b7d72dfa3969d6e9cad4643d33a892b0325efcd09fdcaeea3a217bab
SSDEEP

6144:7VzvZkZYEwBDJNxunXe8yhrtMsQBvli+RQFdq:VvCyvAO8qRMsrOQF

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ec1dea95bdd8e4aa6bcb181e149d1ba0N.exe
- Size
  
  304KB
- MD5
  
  ec1dea95bdd8e4aa6bcb181e149d1ba0
- SHA1
  
  f2e657f3a4e735886419ed562d1aeaef6fc7d5b1
- SHA256
  
  d7c9c71d75db91911a11dd93c14a1cf520aa5051e8b247f88be4747ba562e0e0
- SHA512
  
  ba1a171320a16a6d623fd5c590c388a33683190058a8ad02b624569c6662dc4826160a22b7d72dfa3969d6e9cad4643d33a892b0325efcd09fdcaeea3a217bab
- SSDEEP
  
  6144:7VzvZkZYEwBDJNxunXe8yhrtMsQBvli+RQFdq:VvCyvAO8qRMsrOQF
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence