f9a016b06f4d086c8907ac8d95d10f9fac29a913fcae501a2a0e4595c055d33d | Triage

Sharing

General

Target

6592da3c18879fc4d5fd442bcbd167f0N.exe
Size

669KB
Sample

240906-jb41qatemn
MD5

6592da3c18879fc4d5fd442bcbd167f0
SHA1

053507ff8a4c8084b5541ee1e7bed3147cfa5661
SHA256

f9a016b06f4d086c8907ac8d95d10f9fac29a913fcae501a2a0e4595c055d33d
SHA512

0e25d7b956a92dfc51d1f988d70ba5b73f723f1bdf80e38719534d5232a82ab85ed490235cde8a780e66103d1c63e4c77eeb4862843fcc49a9a291c6c9a4f048
SSDEEP

12288:yFb0eVKhMpQnqr+cI3a72LXrY6x46UbR/qYglMi:yFTchMpQnqrdX72LbY6x46uR/qYglMi

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  6592da3c18879fc4d5fd442bcbd167f0N.exe
- Size
  
  669KB
- MD5
  
  6592da3c18879fc4d5fd442bcbd167f0
- SHA1
  
  053507ff8a4c8084b5541ee1e7bed3147cfa5661
- SHA256
  
  f9a016b06f4d086c8907ac8d95d10f9fac29a913fcae501a2a0e4595c055d33d
- SHA512
  
  0e25d7b956a92dfc51d1f988d70ba5b73f723f1bdf80e38719534d5232a82ab85ed490235cde8a780e66103d1c63e4c77eeb4862843fcc49a9a291c6c9a4f048
- SSDEEP
  
  12288:yFb0eVKhMpQnqr+cI3a72LXrY6x46UbR/qYglMi:yFTchMpQnqrdX72LbY6x46uR/qYglMi
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence