10976e8f81478c4cf1b7d6b0efdae8ea51faa68340b71b84a0b6d5fe017c4147 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2115afb9ca64a4ef7af9ac2e6ee7740N.exe
Size

82KB
Sample

240905-f4pjystdlj
MD5

c2115afb9ca64a4ef7af9ac2e6ee7740
SHA1

0cafa829bdc77f08295aaae40025af1ee053dcba
SHA256

10976e8f81478c4cf1b7d6b0efdae8ea51faa68340b71b84a0b6d5fe017c4147
SHA512

37f66b544709eb59697fb1408387e6051aeb4fbbb7808122e98042b29581297abaa268f2b365fda4869d5939ca61bc2a3a193d049b30f815052e00fe25712669
SSDEEP

1536:Q3XC1tzZbrMIkBq08ywioJ9v2L7Jbpm6+wDSmQFN6TiN1sJtvQu:QnCtzZnmn8goT0hpm6tm7N6TO1SpD

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c2115afb9ca64a4ef7af9ac2e6ee7740N.exe
- Size
  
  82KB
- MD5
  
  c2115afb9ca64a4ef7af9ac2e6ee7740
- SHA1
  
  0cafa829bdc77f08295aaae40025af1ee053dcba
- SHA256
  
  10976e8f81478c4cf1b7d6b0efdae8ea51faa68340b71b84a0b6d5fe017c4147
- SHA512
  
  37f66b544709eb59697fb1408387e6051aeb4fbbb7808122e98042b29581297abaa268f2b365fda4869d5939ca61bc2a3a193d049b30f815052e00fe25712669
- SSDEEP
  
  1536:Q3XC1tzZbrMIkBq08ywioJ9v2L7Jbpm6+wDSmQFN6TiN1sJtvQu:QnCtzZnmn8goT0hpm6tm7N6TO1SpD
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence