c3b0d2140d6494a14e962493f2ea0b3dc3a77d680c451160e9643105e9d9836a | Triage

Sharing

General

Target

e112788949b0ee7e0838e335028d7560N.exe
Size

192KB
Sample

240905-pbtgwazgmk
MD5

e112788949b0ee7e0838e335028d7560
SHA1

dbd4e155e93e4c3fb1ee2dac962d6422b790e6ff
SHA256

c3b0d2140d6494a14e962493f2ea0b3dc3a77d680c451160e9643105e9d9836a
SHA512

2363df4a5c3ae384d0b4e76eb3a13961cfa6cdb8a42d10dc79e5085032320f22e27836d6b1c46a104e1d3622c83f9a4ec31b995674facab930efdf1c186e659b
SSDEEP

3072:xHK35uyOXvBwPZyPcjPkEUClcyzdpGrLSIE8eFKPD375lHzpa1P2FU6UK7q4+5D8:xq3OWgqeyzKrLHE8eYr75lHzpaF2e6UM

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  e112788949b0ee7e0838e335028d7560N.exe
- Size
  
  192KB
- MD5
  
  e112788949b0ee7e0838e335028d7560
- SHA1
  
  dbd4e155e93e4c3fb1ee2dac962d6422b790e6ff
- SHA256
  
  c3b0d2140d6494a14e962493f2ea0b3dc3a77d680c451160e9643105e9d9836a
- SHA512
  
  2363df4a5c3ae384d0b4e76eb3a13961cfa6cdb8a42d10dc79e5085032320f22e27836d6b1c46a104e1d3622c83f9a4ec31b995674facab930efdf1c186e659b
- SSDEEP
  
  3072:xHK35uyOXvBwPZyPcjPkEUClcyzdpGrLSIE8eFKPD375lHzpa1P2FU6UK7q4+5D8:xq3OWgqeyzKrLHE8eYr75lHzpaF2e6UM
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence