6609d2fbb8ff3104a08a428ef2533a8a92d846d33b7bccbf800a7db7fbe8382d | Triage

Sharing

General

Target

02da3f068b1c4a0244a313e32dd032e0N.exe
Size

1000KB
Sample

240906-hg817a1hmr
MD5

02da3f068b1c4a0244a313e32dd032e0
SHA1

71ecf25f00a1c7d9dc06143fcd20f610069d52bd
SHA256

6609d2fbb8ff3104a08a428ef2533a8a92d846d33b7bccbf800a7db7fbe8382d
SHA512

a5111dd473c423ecc75c3f4afad5d5c1b8d2254eef23eda5f5765b229407e5e68e1fd4dbe66299ab4ffb739667d1d64addf2597432e853677ff41ea9750393e8
SSDEEP

6144:Jt8i1amAxDHBFLqWjjgwTgZLnSnLrTSxJ2JrYXklSu9lIhBBJKQh31GTYUCIIYy7:bwtHBFLPj3TmLnWrOxNuxC97hFq9o7

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  02da3f068b1c4a0244a313e32dd032e0N.exe
- Size
  
  1000KB
- MD5
  
  02da3f068b1c4a0244a313e32dd032e0
- SHA1
  
  71ecf25f00a1c7d9dc06143fcd20f610069d52bd
- SHA256
  
  6609d2fbb8ff3104a08a428ef2533a8a92d846d33b7bccbf800a7db7fbe8382d
- SHA512
  
  a5111dd473c423ecc75c3f4afad5d5c1b8d2254eef23eda5f5765b229407e5e68e1fd4dbe66299ab4ffb739667d1d64addf2597432e853677ff41ea9750393e8
- SSDEEP
  
  6144:Jt8i1amAxDHBFLqWjjgwTgZLnSnLrTSxJ2JrYXklSu9lIhBBJKQh31GTYUCIIYy7:bwtHBFLPj3TmLnWrOxNuxC97hFq9o7
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence