bb2e03da72e3699744d0aca16481d1a758ed9fd79378c564d6a1caed57c53897 | Triage

Sharing

General

Target

287b95ceba336515079e146d6c3b1cd0N.exe
Size

78KB
Sample

240903-er63sswgql
MD5

287b95ceba336515079e146d6c3b1cd0
SHA1

5b37698b22571b62c71f6cc3558589e3081e7fad
SHA256

bb2e03da72e3699744d0aca16481d1a758ed9fd79378c564d6a1caed57c53897
SHA512

29f5afe8e6b8cdb6c1102674fcf45f5793d9e51d50b25ea0bdb9c35eb78cbaad514ec5419cec6ebbf4d7d98d6560941f76ef4238de44d3aeff86ab8714037a6e
SSDEEP

1536:gu7WOaTtadpCn96BCh9GEyZWBYiVTN+zL20gJi1ie:oOaTtmpgY0h0EyZWBYiVTgzL20WKt

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  287b95ceba336515079e146d6c3b1cd0N.exe
- Size
  
  78KB
- MD5
  
  287b95ceba336515079e146d6c3b1cd0
- SHA1
  
  5b37698b22571b62c71f6cc3558589e3081e7fad
- SHA256
  
  bb2e03da72e3699744d0aca16481d1a758ed9fd79378c564d6a1caed57c53897
- SHA512
  
  29f5afe8e6b8cdb6c1102674fcf45f5793d9e51d50b25ea0bdb9c35eb78cbaad514ec5419cec6ebbf4d7d98d6560941f76ef4238de44d3aeff86ab8714037a6e
- SSDEEP
  
  1536:gu7WOaTtadpCn96BCh9GEyZWBYiVTN+zL20gJi1ie:oOaTtmpgY0h0EyZWBYiVTgzL20WKt
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence