b19cb1709c8dd4f74e57fd40adfd074c4968fbdcfaafab7e68f1fe96d9cca92f | Triage

Sharing

General

Target

b19cb1709c8dd4f74e57fd40adfd074c4968fbdcfaafab7e68f1fe96d9cca92f
Size

390KB
Sample

240904-csbxyavdmh
MD5

24a865b22cdad5604d6154a3370f2661
SHA1

b0a0dc15cfbc564de8ba9a16a74b1f4801be38d2
SHA256

b19cb1709c8dd4f74e57fd40adfd074c4968fbdcfaafab7e68f1fe96d9cca92f
SHA512

f25bfc87ece4b9e2b79e8e814a9275271113269b8fce8fa5bec8d0de14d2578ee49f27ca02384b252d2a7375939b0ad95c69b16f77039ea3b470620df0a70f64
SSDEEP

3072:xJpLh1z4yRg/bA+6+bWQALHLQGAZzasJR/X4a+SFkVsYtTHTMT5NeVWmjjGF:th+c+6CbArLAZ26RQSFSTHAjhV

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b19cb1709c8dd4f74e57fd40adfd074c4968fbdcfaafab7e68f1fe96d9cca92f
- Size
  
  390KB
- MD5
  
  24a865b22cdad5604d6154a3370f2661
- SHA1
  
  b0a0dc15cfbc564de8ba9a16a74b1f4801be38d2
- SHA256
  
  b19cb1709c8dd4f74e57fd40adfd074c4968fbdcfaafab7e68f1fe96d9cca92f
- SHA512
  
  f25bfc87ece4b9e2b79e8e814a9275271113269b8fce8fa5bec8d0de14d2578ee49f27ca02384b252d2a7375939b0ad95c69b16f77039ea3b470620df0a70f64
- SSDEEP
  
  3072:xJpLh1z4yRg/bA+6+bWQALHLQGAZzasJR/X4a+SFkVsYtTHTMT5NeVWmjjGF:th+c+6CbArLAZ26RQSFSTHAjhV
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence