e1879599961779c16d67a17a5de201da49635a8932d3f2d3b6fe10583b76c138 | Triage

Sharing

General

Target

a3782d18f6b076b9758cabc7a2c98b30N.exe
Size

188KB
Sample

240903-zxsgtayamf
MD5

a3782d18f6b076b9758cabc7a2c98b30
SHA1

3838ce2875809534eccda4c71eab5b889d2d5d45
SHA256

e1879599961779c16d67a17a5de201da49635a8932d3f2d3b6fe10583b76c138
SHA512

013cb4f9cddcf3dcc5612f600ae3ca8efdbf96f70a3d65d9c7f052cac6ed91897304d48af1d2cf1cee1fc434a433899c9a0e7c4ef8a698c3a127e663f97df05f
SSDEEP

3072:4v5Wicr/WH9uPsts6HTlWTUOS1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSKrDco:40icr/Se6HJaBS1AelhEN4MujGJoSoDj

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  a3782d18f6b076b9758cabc7a2c98b30N.exe
- Size
  
  188KB
- MD5
  
  a3782d18f6b076b9758cabc7a2c98b30
- SHA1
  
  3838ce2875809534eccda4c71eab5b889d2d5d45
- SHA256
  
  e1879599961779c16d67a17a5de201da49635a8932d3f2d3b6fe10583b76c138
- SHA512
  
  013cb4f9cddcf3dcc5612f600ae3ca8efdbf96f70a3d65d9c7f052cac6ed91897304d48af1d2cf1cee1fc434a433899c9a0e7c4ef8a698c3a127e663f97df05f
- SSDEEP
  
  3072:4v5Wicr/WH9uPsts6HTlWTUOS1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSKrDco:40icr/Se6HJaBS1AelhEN4MujGJoSoDj
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence