2b1e8bba3ca371ad34bda9831e94763da7ddd3544747e19eb7c9ab6d51e02cce | Triage

Sharing

General

Target

2b1e8bba3ca371ad34bda9831e94763da7ddd3544747e19eb7c9ab6d51e02cce
Size

91KB
Sample

240903-yqmgjswgpf
MD5

dc7b24d8caf60859f52f8c9f1320c82e
SHA1

4aefcab8d8ed39466c5f645afcf382d08fd2e69d
SHA256

2b1e8bba3ca371ad34bda9831e94763da7ddd3544747e19eb7c9ab6d51e02cce
SHA512

070cde2962902012d67c8c053dbb5c91f9efd53e8fe9e4bf6da5b4976189b96f6d433fcd01cad787751a66d8d862d4c2fb083fcaba18dafdd031cd81cad07343
SSDEEP

1536:zJQxw1u94LaZeua9+oU2nLyDXdi8pE4g5a3iZ8saqYko:zJQ+CFpfDN3E4xSzWP

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  2b1e8bba3ca371ad34bda9831e94763da7ddd3544747e19eb7c9ab6d51e02cce
- Size
  
  91KB
- MD5
  
  dc7b24d8caf60859f52f8c9f1320c82e
- SHA1
  
  4aefcab8d8ed39466c5f645afcf382d08fd2e69d
- SHA256
  
  2b1e8bba3ca371ad34bda9831e94763da7ddd3544747e19eb7c9ab6d51e02cce
- SHA512
  
  070cde2962902012d67c8c053dbb5c91f9efd53e8fe9e4bf6da5b4976189b96f6d433fcd01cad787751a66d8d862d4c2fb083fcaba18dafdd031cd81cad07343
- SSDEEP
  
  1536:zJQxw1u94LaZeua9+oU2nLyDXdi8pE4g5a3iZ8saqYko:zJQ+CFpfDN3E4xSzWP
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence