8ed979c37db832f6f565831c14a58854baf2d8cf76327717e6610682d2dc2fef | Triage

Sharing

General

Target

8ed979c37db832f6f565831c14a58854baf2d8cf76327717e6610682d2dc2fef
Size

194KB
Sample

240907-3yyl1asemm
MD5

94f9776769bcddf59716aedd1cfb7980
SHA1

070d8a1df405dfa82196c03ed2fa76eeaf63a00d
SHA256

8ed979c37db832f6f565831c14a58854baf2d8cf76327717e6610682d2dc2fef
SHA512

f2103494db9c80a185d1921e15010a692782fcf7656460e9a6743c3ba0dc202bce6ba3538f320d717b5ddc738469b0816c522b4a3828c781d20fe4e217fc79ad
SSDEEP

3072:N+vNDaw087n7r2CRKTyfOmMIM/kEmMIGumMIc/1GV:NK7r2zTmO5/pbuh/UV

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8ed979c37db832f6f565831c14a58854baf2d8cf76327717e6610682d2dc2fef
- Size
  
  194KB
- MD5
  
  94f9776769bcddf59716aedd1cfb7980
- SHA1
  
  070d8a1df405dfa82196c03ed2fa76eeaf63a00d
- SHA256
  
  8ed979c37db832f6f565831c14a58854baf2d8cf76327717e6610682d2dc2fef
- SHA512
  
  f2103494db9c80a185d1921e15010a692782fcf7656460e9a6743c3ba0dc202bce6ba3538f320d717b5ddc738469b0816c522b4a3828c781d20fe4e217fc79ad
- SSDEEP
  
  3072:N+vNDaw087n7r2CRKTyfOmMIM/kEmMIGumMIc/1GV:NK7r2zTmO5/pbuh/UV
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence