3cfa3556c307e91c2c566ed335a021fc0fbb7203a56d2a472aa9572c3ad07e54 | Triage

Sharing

General

Target

baf668bf61e2dc73c511d473fd0c1a70N
Size

128KB
Sample

240907-3g3vds1fnm
MD5

baf668bf61e2dc73c511d473fd0c1a70
SHA1

5ee3e87313d58b49863bf8a1212fda5112323287
SHA256

3cfa3556c307e91c2c566ed335a021fc0fbb7203a56d2a472aa9572c3ad07e54
SHA512

2c1209438dffea8a83b3b5c0bf13d434e6d56122bf2e73d56c8541640e90409148043c74e938acb07579bed1e3eae379b94cbeb063d4b69f1a3b8f04b3ea3b7b
SSDEEP

3072:9GJ2FrFJGz6585gEheT5IozdH13+EE+RaZ6r+GDZnr:ocFpJeCEkT5Iozd5IF6rfBr

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  baf668bf61e2dc73c511d473fd0c1a70N
- Size
  
  128KB
- MD5
  
  baf668bf61e2dc73c511d473fd0c1a70
- SHA1
  
  5ee3e87313d58b49863bf8a1212fda5112323287
- SHA256
  
  3cfa3556c307e91c2c566ed335a021fc0fbb7203a56d2a472aa9572c3ad07e54
- SHA512
  
  2c1209438dffea8a83b3b5c0bf13d434e6d56122bf2e73d56c8541640e90409148043c74e938acb07579bed1e3eae379b94cbeb063d4b69f1a3b8f04b3ea3b7b
- SSDEEP
  
  3072:9GJ2FrFJGz6585gEheT5IozdH13+EE+RaZ6r+GDZnr:ocFpJeCEkT5Iozd5IF6rfBr
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence