2dd5405a9c021187220bd6354f8d51b63d09c3ddde29f723a8b90209e465b596 | Triage

Sharing

General

Target

2dd5405a9c021187220bd6354f8d51b63d09c3ddde29f723a8b90209e465b596
Size

224KB
Sample

240905-hq44lavejp
MD5

b9cdbbf5d5e6d88a27026391d1fb49f0
SHA1

894fd9a888c6ef6cebbbdd21b75ec98099a3c8e4
SHA256

2dd5405a9c021187220bd6354f8d51b63d09c3ddde29f723a8b90209e465b596
SHA512

367c02e9eb236f0d44ffdaa41c1bbb946a9dca50373fe5a9a384e9b1dcdb652ce8abd4d3715e1c161ec5af11192b9e53865e57b805273e3832d98b75f993f488
SSDEEP

6144:VkbVsX39zyNHlp4PlXj4IyqrQ///NR5fL4:CbVsX39zY7YxxC/Nc

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  2dd5405a9c021187220bd6354f8d51b63d09c3ddde29f723a8b90209e465b596
- Size
  
  224KB
- MD5
  
  b9cdbbf5d5e6d88a27026391d1fb49f0
- SHA1
  
  894fd9a888c6ef6cebbbdd21b75ec98099a3c8e4
- SHA256
  
  2dd5405a9c021187220bd6354f8d51b63d09c3ddde29f723a8b90209e465b596
- SHA512
  
  367c02e9eb236f0d44ffdaa41c1bbb946a9dca50373fe5a9a384e9b1dcdb652ce8abd4d3715e1c161ec5af11192b9e53865e57b805273e3832d98b75f993f488
- SSDEEP
  
  6144:VkbVsX39zyNHlp4PlXj4IyqrQ///NR5fL4:CbVsX39zY7YxxC/Nc
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence