ba8912e04366467caeaa52ef9f5038a8b0cfbc5e1bce372b23d32a1ffbbb775c | Triage

Sharing

General

Target

c6be2c8781b5ffb7fb7c12b59c270390N.exe
Size

1.1MB
Sample

240907-edt63stbnq
MD5

c6be2c8781b5ffb7fb7c12b59c270390
SHA1

f94a33bcaa2586d1ce8031c2fd1635a2e6d22773
SHA256

ba8912e04366467caeaa52ef9f5038a8b0cfbc5e1bce372b23d32a1ffbbb775c
SHA512

39beb2a252412b08f2ec736f1fc9a1c276b897eeda556016f41040067eeaebf4adb32cc94ffd919fad6896d47054e54c980b5fcaa62870740c99996bb566e6bf
SSDEEP

12288:+bLvuvc6IveDVqvQ6IvWEuzz5DWvl6IveDVqvQ6IvYvc6IveDVqvQ6IvGm05XEvy:+dq5hM5Dgq5h3q5hL6X1q5h3q5r

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c6be2c8781b5ffb7fb7c12b59c270390N.exe
- Size
  
  1.1MB
- MD5
  
  c6be2c8781b5ffb7fb7c12b59c270390
- SHA1
  
  f94a33bcaa2586d1ce8031c2fd1635a2e6d22773
- SHA256
  
  ba8912e04366467caeaa52ef9f5038a8b0cfbc5e1bce372b23d32a1ffbbb775c
- SHA512
  
  39beb2a252412b08f2ec736f1fc9a1c276b897eeda556016f41040067eeaebf4adb32cc94ffd919fad6896d47054e54c980b5fcaa62870740c99996bb566e6bf
- SSDEEP
  
  12288:+bLvuvc6IveDVqvQ6IvWEuzz5DWvl6IveDVqvQ6IvYvc6IveDVqvQ6IvGm05XEvy:+dq5hM5Dgq5h3q5hL6X1q5h3q5r
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence