9c7807dbfa308bb795c8415a3d22460c5a9c0ed7e25203293ef9412149afa998 | Triage

Sharing

General

Target

ef4f01682f4d5a09e8fe7dfeda848880N.exe
Size

89KB
Sample

240906-fw1l9ayalr
MD5

ef4f01682f4d5a09e8fe7dfeda848880
SHA1

79f54849b84d5b6fc4bb0bcd12704dea5e8488bf
SHA256

9c7807dbfa308bb795c8415a3d22460c5a9c0ed7e25203293ef9412149afa998
SHA512

ab8b76c4cd72e18fb91e7ab4da88bc0335dcadc84b8549f21d4c9fe0de1f9448cda4b7164363849f79c19958e48c973c348f058270730c3d1f79d834408dc17a
SSDEEP

1536:r6LHyFX3fuVmPEiR0P8STn3khhS7k4M0py7yN4A3aGz0RFCcBlExkg8Fk:2TyRvP50nj0uVpy7yzqGz03CcBlakgwk

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ef4f01682f4d5a09e8fe7dfeda848880N.exe
- Size
  
  89KB
- MD5
  
  ef4f01682f4d5a09e8fe7dfeda848880
- SHA1
  
  79f54849b84d5b6fc4bb0bcd12704dea5e8488bf
- SHA256
  
  9c7807dbfa308bb795c8415a3d22460c5a9c0ed7e25203293ef9412149afa998
- SHA512
  
  ab8b76c4cd72e18fb91e7ab4da88bc0335dcadc84b8549f21d4c9fe0de1f9448cda4b7164363849f79c19958e48c973c348f058270730c3d1f79d834408dc17a
- SSDEEP
  
  1536:r6LHyFX3fuVmPEiR0P8STn3khhS7k4M0py7yN4A3aGz0RFCcBlExkg8Fk:2TyRvP50nj0uVpy7yzqGz03CcBlakgwk
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence