8f4d9f28803c7293cb0edb4cb88005201f9f765c9c437fedfc64c7c79137f033 | Triage

Sharing

General

Target

7bf8baa36fe1ecf738bccb2f5d085100N.exe
Size

165KB
Sample

240905-hec6qswbmg
MD5

7bf8baa36fe1ecf738bccb2f5d085100
SHA1

fdb30965f60e02df9522678e05312af2855ce3aa
SHA256

8f4d9f28803c7293cb0edb4cb88005201f9f765c9c437fedfc64c7c79137f033
SHA512

55d782cb0f0702112080e853c6dc0fbc9171c792131fbab0dd9cd2972675ced931da683e474ab85f375100c88b7616e0efedfda6210cd5eeae3ff50899061ea6
SSDEEP

3072:NBKLtOUnjWjLXHY6pmhBxebT3vQfEdArGzHq+egM5bylnO/hZP:3KpjWjT4lebbQMdArGzHregqgnO

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  7bf8baa36fe1ecf738bccb2f5d085100N.exe
- Size
  
  165KB
- MD5
  
  7bf8baa36fe1ecf738bccb2f5d085100
- SHA1
  
  fdb30965f60e02df9522678e05312af2855ce3aa
- SHA256
  
  8f4d9f28803c7293cb0edb4cb88005201f9f765c9c437fedfc64c7c79137f033
- SHA512
  
  55d782cb0f0702112080e853c6dc0fbc9171c792131fbab0dd9cd2972675ced931da683e474ab85f375100c88b7616e0efedfda6210cd5eeae3ff50899061ea6
- SSDEEP
  
  3072:NBKLtOUnjWjLXHY6pmhBxebT3vQfEdArGzHq+egM5bylnO/hZP:3KpjWjT4lebbQMdArGzHregqgnO
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence