a65e5b18a81e7c51706082c9edd29e9f0a94682ec5cae7f418344602aeb6e2d7 | Triage

Sharing

General

Target

8ee52508b223e807631b8e3129f2f200N.exe
Size

249KB
Sample

240906-y6r2zawgke
MD5

8ee52508b223e807631b8e3129f2f200
SHA1

34852fb68ccea113d742b58997a6fe30860f6879
SHA256

a65e5b18a81e7c51706082c9edd29e9f0a94682ec5cae7f418344602aeb6e2d7
SHA512

3ddca5a2f56bdbb8d1820a4684462cac8444684bdddb9643b6e8e8e736ee2ba49c9511cbf3f548ce1aa3726114faeab153ed6cce9ebe2c60e005759899425835
SSDEEP

3072:JgnHNXMMSCbeQbTriPeyUEdmjRrz3TIUV4BKxAcL5CY2VePI8C3U/XYMJ2okZk:iiK7HTREdGTBki5CYtI8TAokZ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8ee52508b223e807631b8e3129f2f200N.exe
- Size
  
  249KB
- MD5
  
  8ee52508b223e807631b8e3129f2f200
- SHA1
  
  34852fb68ccea113d742b58997a6fe30860f6879
- SHA256
  
  a65e5b18a81e7c51706082c9edd29e9f0a94682ec5cae7f418344602aeb6e2d7
- SHA512
  
  3ddca5a2f56bdbb8d1820a4684462cac8444684bdddb9643b6e8e8e736ee2ba49c9511cbf3f548ce1aa3726114faeab153ed6cce9ebe2c60e005759899425835
- SSDEEP
  
  3072:JgnHNXMMSCbeQbTriPeyUEdmjRrz3TIUV4BKxAcL5CY2VePI8C3U/XYMJ2okZk:iiK7HTREdGTBki5CYtI8TAokZ
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence