139b77dd910549e822174a96f99a40f24e7174563de3ffa4f7ef423d23ac9b39 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a281a55e01cd4c752d8d18a807e68a30N.exe
Size

90KB
Sample

240905-fqw2watbql
MD5

a281a55e01cd4c752d8d18a807e68a30
SHA1

1af0ec57463770726901a8ad37746e6d41db6cab
SHA256

139b77dd910549e822174a96f99a40f24e7174563de3ffa4f7ef423d23ac9b39
SHA512

a7dfb2cf4510c55820ed9be6f75e76fddd67b0377df5343dc7d2085a57706b6187616c7031398b96f37e704bd383e50db1402ee5993c62b4df8bc95f4d4141d3
SSDEEP

1536:nx0E6v2eNLZjQ3RRznaC5a+Ql0vU+BX4EbcAxzgGWRKtXmnzfsP4urhYm9OgrzIl:uE6v5ZjQ3YS86cAxuRKtXmnzEwqGu/Gv

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  a281a55e01cd4c752d8d18a807e68a30N.exe
- Size
  
  90KB
- MD5
  
  a281a55e01cd4c752d8d18a807e68a30
- SHA1
  
  1af0ec57463770726901a8ad37746e6d41db6cab
- SHA256
  
  139b77dd910549e822174a96f99a40f24e7174563de3ffa4f7ef423d23ac9b39
- SHA512
  
  a7dfb2cf4510c55820ed9be6f75e76fddd67b0377df5343dc7d2085a57706b6187616c7031398b96f37e704bd383e50db1402ee5993c62b4df8bc95f4d4141d3
- SSDEEP
  
  1536:nx0E6v2eNLZjQ3RRznaC5a+Ql0vU+BX4EbcAxzgGWRKtXmnzfsP4urhYm9OgrzIl:uE6v5ZjQ3YS86cAxuRKtXmnzEwqGu/Gv
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence