3a0c25a965ec219264f47cc17181bebb6c8029f75b669ddffa9d2ff338686cdc | Triage

Sharing

General

Target

efb7bc8b4b39927413dc6cbf0d0160d0N.exe
Size

55KB
Sample

240903-wczhvatdjb
MD5

efb7bc8b4b39927413dc6cbf0d0160d0
SHA1

0294e3d692b1b8ce2ce60ee188b702dd91c61def
SHA256

3a0c25a965ec219264f47cc17181bebb6c8029f75b669ddffa9d2ff338686cdc
SHA512

e30fcf49bf48bc47e071a5c61c879cdbfc5241ee102a1f5c9a7f080a2d2c6b6fab9ca33cb56f39e038ce7aa351b6280b11d46ad163bbd7c12031428b5da834b0
SSDEEP

768:kVRXwVs/FgpJNt9/LXpVsb5VpeIWKo4TgCZCN+ZSgKPf8Xd/Uv5V2p/1H52pXdnh:ORXwcS9jX/o5/cKo4TgCNKMO2L6

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  efb7bc8b4b39927413dc6cbf0d0160d0N.exe
- Size
  
  55KB
- MD5
  
  efb7bc8b4b39927413dc6cbf0d0160d0
- SHA1
  
  0294e3d692b1b8ce2ce60ee188b702dd91c61def
- SHA256
  
  3a0c25a965ec219264f47cc17181bebb6c8029f75b669ddffa9d2ff338686cdc
- SHA512
  
  e30fcf49bf48bc47e071a5c61c879cdbfc5241ee102a1f5c9a7f080a2d2c6b6fab9ca33cb56f39e038ce7aa351b6280b11d46ad163bbd7c12031428b5da834b0
- SSDEEP
  
  768:kVRXwVs/FgpJNt9/LXpVsb5VpeIWKo4TgCZCN+ZSgKPf8Xd/Uv5V2p/1H52pXdnh:ORXwcS9jX/o5/cKo4TgCNKMO2L6
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence