18c17bd8a68eb85d01119ab4fe2e18611edd7ccd5ca30979f8b16b813e1a31df | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cbc43c5c2cb166495999290099bfd8f0N.exe
Size

89KB
Sample

240902-q9ebaa1hjn
MD5

cbc43c5c2cb166495999290099bfd8f0
SHA1

c1b6f32dd5a119190ba3b0f47344a207b8f91469
SHA256

18c17bd8a68eb85d01119ab4fe2e18611edd7ccd5ca30979f8b16b813e1a31df
SHA512

9c2dd671d7add7b55b1b7efc84592e43aae5b1dc8ec144f8233c24f465627ee8b6c8c54b63a05f842b048e524deda9b38d550a1485792c8ff48bee124d611b90
SSDEEP

1536:NDAg4KE/PPBvVhHvmDdIdeTVTj1gQJDJDVEvcUlExkg8Fk:N3qHHM0cUlakgwk

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  cbc43c5c2cb166495999290099bfd8f0N.exe
- Size
  
  89KB
- MD5
  
  cbc43c5c2cb166495999290099bfd8f0
- SHA1
  
  c1b6f32dd5a119190ba3b0f47344a207b8f91469
- SHA256
  
  18c17bd8a68eb85d01119ab4fe2e18611edd7ccd5ca30979f8b16b813e1a31df
- SHA512
  
  9c2dd671d7add7b55b1b7efc84592e43aae5b1dc8ec144f8233c24f465627ee8b6c8c54b63a05f842b048e524deda9b38d550a1485792c8ff48bee124d611b90
- SSDEEP
  
  1536:NDAg4KE/PPBvVhHvmDdIdeTVTj1gQJDJDVEvcUlExkg8Fk:N3qHHM0cUlakgwk
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence