f3e258cf3412372a6c0501cabff699e826e2d59a0ab9ad63b376b3887d191c68 | Triage

Sharing

General

Target

4b9f0876e19c937d3eaac71c1c549600N.exe
Size

87KB
Sample

240905-1fs8fs1aph
MD5

4b9f0876e19c937d3eaac71c1c549600
SHA1

260c1b1049089faf5419642646c0610baac69162
SHA256

f3e258cf3412372a6c0501cabff699e826e2d59a0ab9ad63b376b3887d191c68
SHA512

e8d90f0c3d7bdce19dfa2a91207478e5dc24fa7998b0de4deaf0bad5aa87cc99fab3ab3d926a3785b498a43e607496b8a3d0cbd076bb072778b3af308e2ecd04
SSDEEP

1536:BPAmdhF/d1V0hd8cGZt0PXKU+t6YaOexYA9xcJF6a8Jba3Y3A4RQ4nRSRBDNrR0H:ykD/3evWKKUCQOiYA9odmEaJeqAnDlmH

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  4b9f0876e19c937d3eaac71c1c549600N.exe
- Size
  
  87KB
- MD5
  
  4b9f0876e19c937d3eaac71c1c549600
- SHA1
  
  260c1b1049089faf5419642646c0610baac69162
- SHA256
  
  f3e258cf3412372a6c0501cabff699e826e2d59a0ab9ad63b376b3887d191c68
- SHA512
  
  e8d90f0c3d7bdce19dfa2a91207478e5dc24fa7998b0de4deaf0bad5aa87cc99fab3ab3d926a3785b498a43e607496b8a3d0cbd076bb072778b3af308e2ecd04
- SSDEEP
  
  1536:BPAmdhF/d1V0hd8cGZt0PXKU+t6YaOexYA9xcJF6a8Jba3Y3A4RQ4nRSRBDNrR0H:ykD/3evWKKUCQOiYA9odmEaJeqAnDlmH
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence