f3438bf776dc8754c3f2f6d71b1a06298f0fe6d9a329cdb6830db99e8a0bc292 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f3438bf776dc8754c3f2f6d71b1a06298f0fe6d9a329cdb6830db99e8a0bc292
Size

94KB
Sample

240903-gwx2ssyhkm
MD5

95ae47116df9f952d24ee56a7185ff99
SHA1

c12ef597e25e75b3e2349206d8fe1a67364728d2
SHA256

f3438bf776dc8754c3f2f6d71b1a06298f0fe6d9a329cdb6830db99e8a0bc292
SHA512

9e976ca28adc132ad42325c5c630549f482f92ee99e43e6cffb64c359909a058b2c305dae2b73098d9945b6d8bb1a87a2e3b00282cc85e9a70c217aa846ffeb4
SSDEEP

1536:5S42bCSPENeiTvGRRDD8ECSUfJ8b/9mqHA0v2zMyCSv77BR9L4DT2EnINs:5b2ucEBTWv66blmqg0vkMy9T6+ob

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  f3438bf776dc8754c3f2f6d71b1a06298f0fe6d9a329cdb6830db99e8a0bc292
- Size
  
  94KB
- MD5
  
  95ae47116df9f952d24ee56a7185ff99
- SHA1
  
  c12ef597e25e75b3e2349206d8fe1a67364728d2
- SHA256
  
  f3438bf776dc8754c3f2f6d71b1a06298f0fe6d9a329cdb6830db99e8a0bc292
- SHA512
  
  9e976ca28adc132ad42325c5c630549f482f92ee99e43e6cffb64c359909a058b2c305dae2b73098d9945b6d8bb1a87a2e3b00282cc85e9a70c217aa846ffeb4
- SSDEEP
  
  1536:5S42bCSPENeiTvGRRDD8ECSUfJ8b/9mqHA0v2zMyCSv77BR9L4DT2EnINs:5b2ucEBTWv66blmqg0vkMy9T6+ob
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence