199722daa34106114d9468650e81835194fe170e29b3c1b3b5a94358452ffa2c | Triage

Sharing

General

Target

fd8739986a1471052a1340a41e91a030N.exe
Size

95KB
Sample

240906-tpbanswamp
MD5

fd8739986a1471052a1340a41e91a030
SHA1

896f6b15a716b1ccdb67c20aa604537ba4825d31
SHA256

199722daa34106114d9468650e81835194fe170e29b3c1b3b5a94358452ffa2c
SHA512

566039ed2af1149b30d8c8324aa7e33dcbbc7939baebcb9ec2f9294e962c88e8f7871a8b3ed906287d45bcdc776d25ff5f1b05d9b638e8dfb71f13a2b583a318
SSDEEP

1536:mkFWmcaTKWLgm24Spqu4PcPSrTzmx2KV/RQr2RVRoRch1dROrwpOudRirVtFsrTO:3Fzcae74zuY5TzmxveCTWM1dQrTOwZtB

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  fd8739986a1471052a1340a41e91a030N.exe
- Size
  
  95KB
- MD5
  
  fd8739986a1471052a1340a41e91a030
- SHA1
  
  896f6b15a716b1ccdb67c20aa604537ba4825d31
- SHA256
  
  199722daa34106114d9468650e81835194fe170e29b3c1b3b5a94358452ffa2c
- SHA512
  
  566039ed2af1149b30d8c8324aa7e33dcbbc7939baebcb9ec2f9294e962c88e8f7871a8b3ed906287d45bcdc776d25ff5f1b05d9b638e8dfb71f13a2b583a318
- SSDEEP
  
  1536:mkFWmcaTKWLgm24Spqu4PcPSrTzmx2KV/RQr2RVRoRch1dROrwpOudRirVtFsrTO:3Fzcae74zuY5TzmxveCTWM1dQrTOwZtB
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence