0796736bc177c4fcf76e4022676c6c256443cf1ed6fe17bfcfb7856ba3fa9199 | Triage

Sharing

General

Target

1a28a17d27c2287f97187c5a8bacaf10N.exe
Size

108KB
Sample

240903-k49bkssfqq
MD5

1a28a17d27c2287f97187c5a8bacaf10
SHA1

eae1fc6ace2098df81fe704e9049a5d95e7ae8f3
SHA256

0796736bc177c4fcf76e4022676c6c256443cf1ed6fe17bfcfb7856ba3fa9199
SHA512

2aa819bc481289bd4b54f3bfa907e19f6ecd50447c5304b6f16f22704f0807591b5bc4261b201f4c53f22b687564fb46d4de1018372f322871c4622b41f7a50b
SSDEEP

3072:bKMf9zfRj78Koh3QUjmOiBn3w8BdTj2h3K:bRzfd78K0djVu3w8BdTj2VK

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  1a28a17d27c2287f97187c5a8bacaf10N.exe
- Size
  
  108KB
- MD5
  
  1a28a17d27c2287f97187c5a8bacaf10
- SHA1
  
  eae1fc6ace2098df81fe704e9049a5d95e7ae8f3
- SHA256
  
  0796736bc177c4fcf76e4022676c6c256443cf1ed6fe17bfcfb7856ba3fa9199
- SHA512
  
  2aa819bc481289bd4b54f3bfa907e19f6ecd50447c5304b6f16f22704f0807591b5bc4261b201f4c53f22b687564fb46d4de1018372f322871c4622b41f7a50b
- SSDEEP
  
  3072:bKMf9zfRj78Koh3QUjmOiBn3w8BdTj2h3K:bRzfd78K0djVu3w8BdTj2VK
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence