ea2cfad297c6f92484e818e23e53acf7269498f535d09c245754eb920693a9f8 | Triage

Sharing

General

Target

ea2cfad297c6f92484e818e23e53acf7269498f535d09c245754eb920693a9f8
Size

128KB
Sample

240903-nllz4swgqc
MD5

de9236d35baa1cd66aa60e3e7ca37dd2
SHA1

d80df7ed9830bd9e52e7e495a0bf7e589878accd
SHA256

ea2cfad297c6f92484e818e23e53acf7269498f535d09c245754eb920693a9f8
SHA512

43311a38b900d3e593dbf125f5d6162e22f15003cc3ab61d090c40d3d451ce8e2d9603d4fdaeb3b68f67e1e395a0516128c54395ee17d00de4fd9800fb7a5d03
SSDEEP

1536:mjD70tE6BgKFgf28/VgVS57YRI2Ha4lv0lbwZG9o1nFzz3yjCQRawEDAJB8g:mjf0HBgKFn8yR7hJ0lbwf1nFzwSAJB8g

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ea2cfad297c6f92484e818e23e53acf7269498f535d09c245754eb920693a9f8
- Size
  
  128KB
- MD5
  
  de9236d35baa1cd66aa60e3e7ca37dd2
- SHA1
  
  d80df7ed9830bd9e52e7e495a0bf7e589878accd
- SHA256
  
  ea2cfad297c6f92484e818e23e53acf7269498f535d09c245754eb920693a9f8
- SHA512
  
  43311a38b900d3e593dbf125f5d6162e22f15003cc3ab61d090c40d3d451ce8e2d9603d4fdaeb3b68f67e1e395a0516128c54395ee17d00de4fd9800fb7a5d03
- SSDEEP
  
  1536:mjD70tE6BgKFgf28/VgVS57YRI2Ha4lv0lbwZG9o1nFzz3yjCQRawEDAJB8g:mjf0HBgKFn8yR7hJ0lbwf1nFzwSAJB8g
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence