3432adc03b3c94f0fdf3064c822c9664c3d71aa27c98f50427dba144306c7566 | Triage

Sharing

General

Target

0e1106be93d89098ff64e22e161f6da0N.exe
Size

305KB
Sample

240905-py5hna1crk
MD5

0e1106be93d89098ff64e22e161f6da0
SHA1

d6dce3d3ace9bec600ade7f7f9a54677deed3ba9
SHA256

3432adc03b3c94f0fdf3064c822c9664c3d71aa27c98f50427dba144306c7566
SHA512

df1ad7659329e9dc1d7b770e42018d8f2c5456400fd0e94d66d8413b370f6ae389256daad30405a1647e6fc8875632a4309afbeefe78eb147c26a877532211a9
SSDEEP

6144:DQZa97d3GfilmqNxunXe8yhrtMsQBvli+RQFdq:DQZabG+vAO8qRMsrOQF

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0e1106be93d89098ff64e22e161f6da0N.exe
- Size
  
  305KB
- MD5
  
  0e1106be93d89098ff64e22e161f6da0
- SHA1
  
  d6dce3d3ace9bec600ade7f7f9a54677deed3ba9
- SHA256
  
  3432adc03b3c94f0fdf3064c822c9664c3d71aa27c98f50427dba144306c7566
- SHA512
  
  df1ad7659329e9dc1d7b770e42018d8f2c5456400fd0e94d66d8413b370f6ae389256daad30405a1647e6fc8875632a4309afbeefe78eb147c26a877532211a9
- SSDEEP
  
  6144:DQZa97d3GfilmqNxunXe8yhrtMsQBvli+RQFdq:DQZabG+vAO8qRMsrOQF
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence