56790bfe24809493218ca823e4399c740afdd330ef5a153512bd1f68c5f25727 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

56790bfe24809493218ca823e4399c740afdd330ef5a153512bd1f68c5f25727
Size

59KB
Sample

240907-1ndgzaxblk
MD5

5557fe39e0b447c1798272d79b5b20e9
SHA1

7c3546ddf908edc24258e1b3202ae3cc7f9a73a6
SHA256

56790bfe24809493218ca823e4399c740afdd330ef5a153512bd1f68c5f25727
SHA512

fd73d0886560a1c2a6757579970ae17481d239cf1586e1da02b32d214d24a5ce2d44f660fbe44e4b16eb52938ca32e6f34668ccddb8d88a2e39d514c00c2241a
SSDEEP

768:oCb5OrK5MaWazT9XTNf5Ov2K8P0dq8qZ/1H5Ep5nf1fZMEBFELvkVgFRo:dFOr5GzT9XhhOvscAGrNCyVso

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  56790bfe24809493218ca823e4399c740afdd330ef5a153512bd1f68c5f25727
- Size
  
  59KB
- MD5
  
  5557fe39e0b447c1798272d79b5b20e9
- SHA1
  
  7c3546ddf908edc24258e1b3202ae3cc7f9a73a6
- SHA256
  
  56790bfe24809493218ca823e4399c740afdd330ef5a153512bd1f68c5f25727
- SHA512
  
  fd73d0886560a1c2a6757579970ae17481d239cf1586e1da02b32d214d24a5ce2d44f660fbe44e4b16eb52938ca32e6f34668ccddb8d88a2e39d514c00c2241a
- SSDEEP
  
  768:oCb5OrK5MaWazT9XTNf5Ov2K8P0dq8qZ/1H5Ep5nf1fZMEBFELvkVgFRo:dFOr5GzT9XhhOvscAGrNCyVso
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence