b399958ba56d948c7339d232dab820a43731bd2fec549a1d5d84f636bd1b688a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5af3f61d4880f22efb29e373c2692ae0N.exe
Size

52KB
Sample

240903-rsplcszhje
MD5

5af3f61d4880f22efb29e373c2692ae0
SHA1

0c444c9d3daacb82c953d113c661b2b4b185e0b5
SHA256

b399958ba56d948c7339d232dab820a43731bd2fec549a1d5d84f636bd1b688a
SHA512

704789f468a22c077778b27f4cb4dd2dea722c78dd399514bf8d77b0c0f6648f7d8c751c9c8b5cef54c795f824441e779432f837e663cf17a4d2f4ef5bdae1d2
SSDEEP

768:zepJVo/eG8/sUe7YgBtSTJfUJa6Osf5coX/1H5F/sLO0MABvKWe:ypJu/hTfMItS180+T2MAdKZ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  5af3f61d4880f22efb29e373c2692ae0N.exe
- Size
  
  52KB
- MD5
  
  5af3f61d4880f22efb29e373c2692ae0
- SHA1
  
  0c444c9d3daacb82c953d113c661b2b4b185e0b5
- SHA256
  
  b399958ba56d948c7339d232dab820a43731bd2fec549a1d5d84f636bd1b688a
- SHA512
  
  704789f468a22c077778b27f4cb4dd2dea722c78dd399514bf8d77b0c0f6648f7d8c751c9c8b5cef54c795f824441e779432f837e663cf17a4d2f4ef5bdae1d2
- SSDEEP
  
  768:zepJVo/eG8/sUe7YgBtSTJfUJa6Osf5coX/1H5F/sLO0MABvKWe:ypJu/hTfMItS180+T2MAdKZ
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence