399e7a6775ed0af5a1aa2aa1aba4b29669e9a70c4c9ff0ce243b909ef53f3968 | Triage

Sharing

General

Target

ce2813faa3a73afdbb6f3aec322856d0N.exe
Size

320KB
Sample

240902-qls5jasanc
MD5

ce2813faa3a73afdbb6f3aec322856d0
SHA1

91bb2f498e138e0dd75f5bee97e3d8a1f6dc93d7
SHA256

399e7a6775ed0af5a1aa2aa1aba4b29669e9a70c4c9ff0ce243b909ef53f3968
SHA512

e4606ae49c8eb32a3bdb82caff798ddf71ee53c860e1b33c33406c818d5bff485937e5618758c8203a06b0737e320f1c9f54aefb13549dc122732b76b679b37a
SSDEEP

6144:tt7UZ6d+gLAYCtE07kli0KoCYtw2B0Ddu9szWfx09UBIUbPLwH/lLOUaR/N1I0lS:ttQZ6dwYJ07kE0KoFtw2gu9RxrBIUbP+

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ce2813faa3a73afdbb6f3aec322856d0N.exe
- Size
  
  320KB
- MD5
  
  ce2813faa3a73afdbb6f3aec322856d0
- SHA1
  
  91bb2f498e138e0dd75f5bee97e3d8a1f6dc93d7
- SHA256
  
  399e7a6775ed0af5a1aa2aa1aba4b29669e9a70c4c9ff0ce243b909ef53f3968
- SHA512
  
  e4606ae49c8eb32a3bdb82caff798ddf71ee53c860e1b33c33406c818d5bff485937e5618758c8203a06b0737e320f1c9f54aefb13549dc122732b76b679b37a
- SSDEEP
  
  6144:tt7UZ6d+gLAYCtE07kli0KoCYtw2B0Ddu9szWfx09UBIUbPLwH/lLOUaR/N1I0lS:ttQZ6dwYJ07kE0KoFtw2gu9RxrBIUbP+
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence