108b6d495657e9a97e92c9ccb3dac7f9a8e14cb427761c253ca021fba5b712f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

deccb745e5699c4769a53f0b5d3ab9b0N.exe
Size

2.3MB
Sample

240903-wvcf2asgqm
MD5

deccb745e5699c4769a53f0b5d3ab9b0
SHA1

084731ec8f196b2ecb64cd15bd3fcea3259cd170
SHA256

108b6d495657e9a97e92c9ccb3dac7f9a8e14cb427761c253ca021fba5b712f4
SHA512

5163f3dd86a3248ce450b39709ce630068fb166edeaa378ec0244720f34f78c44b1d9603e0235c6824619b7a9ee0569ecf576bba8e3de01221ddb3c6fee2c600
SSDEEP

3072:Tsrob5uNcy8DQF8Kf/vlTZ0I/I0Q5OPIN+/cuTQ2TgRX7Jg3A9z:TsUDcKu/vlTZVgp54tRo7KA9z

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  deccb745e5699c4769a53f0b5d3ab9b0N.exe
- Size
  
  2.3MB
- MD5
  
  deccb745e5699c4769a53f0b5d3ab9b0
- SHA1
  
  084731ec8f196b2ecb64cd15bd3fcea3259cd170
- SHA256
  
  108b6d495657e9a97e92c9ccb3dac7f9a8e14cb427761c253ca021fba5b712f4
- SHA512
  
  5163f3dd86a3248ce450b39709ce630068fb166edeaa378ec0244720f34f78c44b1d9603e0235c6824619b7a9ee0569ecf576bba8e3de01221ddb3c6fee2c600
- SSDEEP
  
  3072:Tsrob5uNcy8DQF8Kf/vlTZ0I/I0Q5OPIN+/cuTQ2TgRX7Jg3A9z:TsUDcKu/vlTZVgp54tRo7KA9z
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence