e1e830b5494e0e7bd1fcca6212050f61084a1aaea242a3133bb882db8f6e2e4e | Triage

Sharing

General

Target

c270ec8f3182d86a82bb6bb9c180dd30N.exe
Size

80KB
Sample

240903-l8seasveme
MD5

c270ec8f3182d86a82bb6bb9c180dd30
SHA1

45d140a17d907d9350e7121c233f0f7c6a41b34c
SHA256

e1e830b5494e0e7bd1fcca6212050f61084a1aaea242a3133bb882db8f6e2e4e
SHA512

d65c48707d4d71eedc2773f07c5a774d715d98711b31768fd2a2247d395fee9db556cc03599c34d744cc552639ac2136f2af19cd6ac1684e0fa576c7c2427691
SSDEEP

1536:yX6VDTTu48fS8XWZgxEHlWCDr/I62LtQwfi+TjRC/6i:1DWf/xklTDzIHewf1TjYL

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c270ec8f3182d86a82bb6bb9c180dd30N.exe
- Size
  
  80KB
- MD5
  
  c270ec8f3182d86a82bb6bb9c180dd30
- SHA1
  
  45d140a17d907d9350e7121c233f0f7c6a41b34c
- SHA256
  
  e1e830b5494e0e7bd1fcca6212050f61084a1aaea242a3133bb882db8f6e2e4e
- SHA512
  
  d65c48707d4d71eedc2773f07c5a774d715d98711b31768fd2a2247d395fee9db556cc03599c34d744cc552639ac2136f2af19cd6ac1684e0fa576c7c2427691
- SSDEEP
  
  1536:yX6VDTTu48fS8XWZgxEHlWCDr/I62LtQwfi+TjRC/6i:1DWf/xklTDzIHewf1TjYL
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence