3a7f0ff09bcf85df30f3e240868912a4e6cfb6fd7c6d13532051e071cdf7bbb4 | Triage

Sharing

General

Target

0ddbfed51e2747ba90999f154ee5be30N.exe
Size

80KB
Sample

240906-dz6lkatdlr
MD5

0ddbfed51e2747ba90999f154ee5be30
SHA1

2e2f0e0ce5f6529fb858f9bc0d31c7ada7bf783c
SHA256

3a7f0ff09bcf85df30f3e240868912a4e6cfb6fd7c6d13532051e071cdf7bbb4
SHA512

59cd8cac5df1e98df4a80ccb4a220866f237c0ff283d288747f90aed42192abffaa6e0f158b17d614d8bc6c13c84f6d51044d21c35742f4840ef1774c6bb3fb2
SSDEEP

1536:PGJuSdqTsyeyWWOMTHSMFl38cuXikvb+cNEeUrzZq8HRQApRJJ5R2xOSC4BG:PZsLHMTHSMFlkikvaQ8ZqQeirJ5wxO3X

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0ddbfed51e2747ba90999f154ee5be30N.exe
- Size
  
  80KB
- MD5
  
  0ddbfed51e2747ba90999f154ee5be30
- SHA1
  
  2e2f0e0ce5f6529fb858f9bc0d31c7ada7bf783c
- SHA256
  
  3a7f0ff09bcf85df30f3e240868912a4e6cfb6fd7c6d13532051e071cdf7bbb4
- SHA512
  
  59cd8cac5df1e98df4a80ccb4a220866f237c0ff283d288747f90aed42192abffaa6e0f158b17d614d8bc6c13c84f6d51044d21c35742f4840ef1774c6bb3fb2
- SSDEEP
  
  1536:PGJuSdqTsyeyWWOMTHSMFl38cuXikvb+cNEeUrzZq8HRQApRJJ5R2xOSC4BG:PZsLHMTHSMFlkikvaQ8ZqQeirJ5wxO3X
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence