da6ff881c5feb1ea4f6299596db8db78a348d87b60aae6632e2d10cfd2b716e4 | Triage

Sharing

General

Target

7471c15ff2de4c8f223c283d6abfe2d0N.exe
Size

376KB
Sample

240905-pem49szhll
MD5

7471c15ff2de4c8f223c283d6abfe2d0
SHA1

59ced0c96e8c101dbc7a7f5b2af385a5e7762ff4
SHA256

da6ff881c5feb1ea4f6299596db8db78a348d87b60aae6632e2d10cfd2b716e4
SHA512

a2cf6388dce1cd0252dc76fb638570b21504285391e58242634385c3de2ef1f1deb1b7b69cd556822178ef24d06415fcd8e206d77f8ee0383306c7a04a61dd66
SSDEEP

6144:K5aZBXrmoenPXuapoaCPXbo92ynnZlVrtv35CPXbo92ynn8sbeWDSpaH8m30gsbi:K5QXKo6uqFHRFbeE8m5se

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  7471c15ff2de4c8f223c283d6abfe2d0N.exe
- Size
  
  376KB
- MD5
  
  7471c15ff2de4c8f223c283d6abfe2d0
- SHA1
  
  59ced0c96e8c101dbc7a7f5b2af385a5e7762ff4
- SHA256
  
  da6ff881c5feb1ea4f6299596db8db78a348d87b60aae6632e2d10cfd2b716e4
- SHA512
  
  a2cf6388dce1cd0252dc76fb638570b21504285391e58242634385c3de2ef1f1deb1b7b69cd556822178ef24d06415fcd8e206d77f8ee0383306c7a04a61dd66
- SSDEEP
  
  6144:K5aZBXrmoenPXuapoaCPXbo92ynnZlVrtv35CPXbo92ynn8sbeWDSpaH8m30gsbi:K5QXKo6uqFHRFbeE8m5se
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence