dffa28a7ebcea291793066731c8ffeef674d28ab5a537285a931a06c21085690 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dffa28a7ebcea291793066731c8ffeef674d28ab5a537285a931a06c21085690
Size

64KB
Sample

240903-fv4brayhmf
MD5

0f6e1e4a70e76ad85223ee8237ae892b
SHA1

ee72e5b9a663851de1f2d0bbda98042146397814
SHA256

dffa28a7ebcea291793066731c8ffeef674d28ab5a537285a931a06c21085690
SHA512

25e3e228a7c96d75c5c921623c979019f54a2abe4edf24541fc2dddf7d105a0f292502dc6147242f7c7dfe26fe6d94336505b4e2f09f9f0098eb8fe2858d1559
SSDEEP

768:5qcdUmMpMKCSMl0sx0kd3wFFwbqJ4Z+KI9SO7ZgjzIkG0mToPUce+/1H53XdnhgU:JuMK0lbGKg32bg9jdc3Vm0DPZuYDPf

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  dffa28a7ebcea291793066731c8ffeef674d28ab5a537285a931a06c21085690
- Size
  
  64KB
- MD5
  
  0f6e1e4a70e76ad85223ee8237ae892b
- SHA1
  
  ee72e5b9a663851de1f2d0bbda98042146397814
- SHA256
  
  dffa28a7ebcea291793066731c8ffeef674d28ab5a537285a931a06c21085690
- SHA512
  
  25e3e228a7c96d75c5c921623c979019f54a2abe4edf24541fc2dddf7d105a0f292502dc6147242f7c7dfe26fe6d94336505b4e2f09f9f0098eb8fe2858d1559
- SSDEEP
  
  768:5qcdUmMpMKCSMl0sx0kd3wFFwbqJ4Z+KI9SO7ZgjzIkG0mToPUce+/1H53XdnhgU:JuMK0lbGKg32bg9jdc3Vm0DPZuYDPf
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence