0d398dc62cbefa90ed43663665b6e30260a3b18c852041fe1fa3896c695d990c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

806904453481ef22c449c486ce574cc0N.exe
Size

52KB
Sample

240903-wrn1nasgjr
MD5

806904453481ef22c449c486ce574cc0
SHA1

ff106b79c06b46047bd2a6bb16b6544e57a00675
SHA256

0d398dc62cbefa90ed43663665b6e30260a3b18c852041fe1fa3896c695d990c
SHA512

afe1daafdb1afb3359d90c0c23019b87923571094956c2b54cc72dc7daa60b2f5b3564f91ab7f38b1b19b9d442d732e58878089c52856da44e2393850a49d6f8
SSDEEP

768:1KAxjqSv7fDSLTEifc4eykRxGUzHvYvhSdtb8dZPT/1H5F/sSMABvKWe:1Tv7fLsc4ezHChcb8dZtrMAdKZ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  806904453481ef22c449c486ce574cc0N.exe
- Size
  
  52KB
- MD5
  
  806904453481ef22c449c486ce574cc0
- SHA1
  
  ff106b79c06b46047bd2a6bb16b6544e57a00675
- SHA256
  
  0d398dc62cbefa90ed43663665b6e30260a3b18c852041fe1fa3896c695d990c
- SHA512
  
  afe1daafdb1afb3359d90c0c23019b87923571094956c2b54cc72dc7daa60b2f5b3564f91ab7f38b1b19b9d442d732e58878089c52856da44e2393850a49d6f8
- SSDEEP
  
  768:1KAxjqSv7fDSLTEifc4eykRxGUzHvYvhSdtb8dZPT/1H5F/sSMABvKWe:1Tv7fLsc4ezHChcb8dZtrMAdKZ
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence