58eb0ed6a9e8b9b14dc9fdd4745edb6817bfc057bf96c691e3188b05e2eb2048 | Triage

Sharing

General

Target

58eb0ed6a9e8b9b14dc9fdd4745edb6817bfc057bf96c691e3188b05e2eb2048
Size

468KB
Sample

240907-1saxmszdjh
MD5

b4d205d946241e30bfac52a6b4dc4758
SHA1

0155f435d51bbaca12ac3445627e8991dde78685
SHA256

58eb0ed6a9e8b9b14dc9fdd4745edb6817bfc057bf96c691e3188b05e2eb2048
SHA512

4a9c01f692a6b1de7d0c58668acb5a42e30a6d1350c8ab78bbe1eb6a17c1be98deb046bfc7f520e5b0fb318156696240fd4b3e9239ac258feac37852ff7c5470
SSDEEP

3072:1bA4ogIdId5jtbYSPOtjcc8/52C4P3p5ymHTkVqh5ef84sQ6XGql0:1bLowbjtlPOjccnZ3h5eU9pXG

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  58eb0ed6a9e8b9b14dc9fdd4745edb6817bfc057bf96c691e3188b05e2eb2048
- Size
  
  468KB
- MD5
  
  b4d205d946241e30bfac52a6b4dc4758
- SHA1
  
  0155f435d51bbaca12ac3445627e8991dde78685
- SHA256
  
  58eb0ed6a9e8b9b14dc9fdd4745edb6817bfc057bf96c691e3188b05e2eb2048
- SHA512
  
  4a9c01f692a6b1de7d0c58668acb5a42e30a6d1350c8ab78bbe1eb6a17c1be98deb046bfc7f520e5b0fb318156696240fd4b3e9239ac258feac37852ff7c5470
- SSDEEP
  
  3072:1bA4ogIdId5jtbYSPOtjcc8/52C4P3p5ymHTkVqh5ef84sQ6XGql0:1bLowbjtlPOjccnZ3h5eU9pXG
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence