3a46e36fe680e6f9c9d94cd41225c03020b7139c058ecc3eba1cbaee8338d48e | Triage

Sharing

General

Target

e657be1648ed20a2b45909ff2e3022f0N.exe
Size

479KB
Sample

240906-xtv3estbkp
MD5

e657be1648ed20a2b45909ff2e3022f0
SHA1

0c9f0dd359a30949d1fe99dd4b11451f1d889379
SHA256

3a46e36fe680e6f9c9d94cd41225c03020b7139c058ecc3eba1cbaee8338d48e
SHA512

b85df3c65c0881e881dc3aab8c4d68c7d29beb78c50240b4db7025254f84a9181820713fb24d6609bb250b7fe8b061aeadb0d92f51f1e3b9ab707e8f790008d7
SSDEEP

6144:EC7IoqmDErIRJ6EQnT2leTLgNPx33fpu2leTLg:Eib7RJ6EQ6Q2drQ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  e657be1648ed20a2b45909ff2e3022f0N.exe
- Size
  
  479KB
- MD5
  
  e657be1648ed20a2b45909ff2e3022f0
- SHA1
  
  0c9f0dd359a30949d1fe99dd4b11451f1d889379
- SHA256
  
  3a46e36fe680e6f9c9d94cd41225c03020b7139c058ecc3eba1cbaee8338d48e
- SHA512
  
  b85df3c65c0881e881dc3aab8c4d68c7d29beb78c50240b4db7025254f84a9181820713fb24d6609bb250b7fe8b061aeadb0d92f51f1e3b9ab707e8f790008d7
- SSDEEP
  
  6144:EC7IoqmDErIRJ6EQnT2leTLgNPx33fpu2leTLg:Eib7RJ6EQ6Q2drQ
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence