01a2e7de4f2a6ab96528d06149f439e0bbe4bc23fc1abbaa82f8fbf371cc3ca3 | Triage

Sharing

General

Target

79d2e579d77a44d8b6c908c469e75ab0N.exe
Size

91KB
Sample

240902-lcczqsxhqh
MD5

79d2e579d77a44d8b6c908c469e75ab0
SHA1

b4283d40e876c3413b55977912da670940d3f1ed
SHA256

01a2e7de4f2a6ab96528d06149f439e0bbe4bc23fc1abbaa82f8fbf371cc3ca3
SHA512

65a32d9bed7ec378742fd79ad08bd2697ba537b4ae3ee018c1e8b650a5a08abe3626ecfa2838a608b775a0c78bb6fa842cd5283579ac74001cbfb56acb2d3541
SSDEEP

1536:pFT4Q6vZvKUK1Rc/0FB6qp/EFNaB98ihifePub0dRaDF555ZjQCVX+Yr/viVMi:pFT4Q8Mc/0/6qp/NDhGkk0dRaDFT3QsG

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  79d2e579d77a44d8b6c908c469e75ab0N.exe
- Size
  
  91KB
- MD5
  
  79d2e579d77a44d8b6c908c469e75ab0
- SHA1
  
  b4283d40e876c3413b55977912da670940d3f1ed
- SHA256
  
  01a2e7de4f2a6ab96528d06149f439e0bbe4bc23fc1abbaa82f8fbf371cc3ca3
- SHA512
  
  65a32d9bed7ec378742fd79ad08bd2697ba537b4ae3ee018c1e8b650a5a08abe3626ecfa2838a608b775a0c78bb6fa842cd5283579ac74001cbfb56acb2d3541
- SSDEEP
  
  1536:pFT4Q6vZvKUK1Rc/0FB6qp/EFNaB98ihifePub0dRaDF555ZjQCVX+Yr/viVMi:pFT4Q8Mc/0/6qp/NDhGkk0dRaDFT3QsG
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence