8c9e8c539219320a6c194e4004f5bed593b6b00f1f7cf8e079504e5eb960f747 | Triage

Sharing

General

Target

8c9e8c539219320a6c194e4004f5bed593b6b00f1f7cf8e079504e5eb960f747
Size

59KB
Sample

240904-awbega1dpk
MD5

f79bb47fdfa6535d53ba01408e59e08e
SHA1

827d5cadc3f696fe3148676cc17975af702566fb
SHA256

8c9e8c539219320a6c194e4004f5bed593b6b00f1f7cf8e079504e5eb960f747
SHA512

bc30832de3a2221aebb1c484b3242b6e9b42767c3170d6ad18cd95c0742e2b90c0d1ddb1759db4e08fb70c58a8e4ab671e6ae892f0f6c22921588468b6b91dcf
SSDEEP

768:OD7/lo98qgTo8oyWIwyudDaZET6ASx1fuA0rMK89R3hPOAPeIj5L2p/1H5A3Xdno:y7to+508rhLuXqx8rrc9R30Se22LMO

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8c9e8c539219320a6c194e4004f5bed593b6b00f1f7cf8e079504e5eb960f747
- Size
  
  59KB
- MD5
  
  f79bb47fdfa6535d53ba01408e59e08e
- SHA1
  
  827d5cadc3f696fe3148676cc17975af702566fb
- SHA256
  
  8c9e8c539219320a6c194e4004f5bed593b6b00f1f7cf8e079504e5eb960f747
- SHA512
  
  bc30832de3a2221aebb1c484b3242b6e9b42767c3170d6ad18cd95c0742e2b90c0d1ddb1759db4e08fb70c58a8e4ab671e6ae892f0f6c22921588468b6b91dcf
- SSDEEP
  
  768:OD7/lo98qgTo8oyWIwyudDaZET6ASx1fuA0rMK89R3hPOAPeIj5L2p/1H5A3Xdno:y7to+508rhLuXqx8rrc9R30Se22LMO
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence