20cb9909f14328cb8492e5ea81c27cf50268831919233e30a3c0646b5ab209a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9aabf66199dbaec8b8d7b17442c9490N.exe
Size

290KB
Sample

240904-ddlz2atfrj
MD5

f9aabf66199dbaec8b8d7b17442c9490
SHA1

1b2cb0f9b3cf0ed4f204ba12625ba2cfd2bdb555
SHA256

20cb9909f14328cb8492e5ea81c27cf50268831919233e30a3c0646b5ab209a4
SHA512

fa5336fa323278b201bb0ef65101465a994aa3ba6912177538b7b1b9362cc1c38c5d238a72f1d5dd4721103aa920252fce1838b70474e0348f792e0c560ae971
SSDEEP

6144:aS/qRefOrjUmKyIxLDXXoq9FJZCUmKyIxL:al32XXf9Do3

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  f9aabf66199dbaec8b8d7b17442c9490N.exe
- Size
  
  290KB
- MD5
  
  f9aabf66199dbaec8b8d7b17442c9490
- SHA1
  
  1b2cb0f9b3cf0ed4f204ba12625ba2cfd2bdb555
- SHA256
  
  20cb9909f14328cb8492e5ea81c27cf50268831919233e30a3c0646b5ab209a4
- SHA512
  
  fa5336fa323278b201bb0ef65101465a994aa3ba6912177538b7b1b9362cc1c38c5d238a72f1d5dd4721103aa920252fce1838b70474e0348f792e0c560ae971
- SSDEEP
  
  6144:aS/qRefOrjUmKyIxLDXXoq9FJZCUmKyIxL:al32XXf9Do3
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence