65a8fda6c52955542028465c3336a59fc573e40b596acde8074c62f2be297dbe | Triage

Sharing

General

Target

e0f0d8c12aae3a5b38441c4a5dc8d620N.exe
Size

400KB
Sample

240907-hamvdazcqd
MD5

e0f0d8c12aae3a5b38441c4a5dc8d620
SHA1

9b70e5b8b10ad848148e58d8c295bb1d03ff117d
SHA256

65a8fda6c52955542028465c3336a59fc573e40b596acde8074c62f2be297dbe
SHA512

9605f5222ed469953acb1b03a8908fd1ba8e869321cb175aa3b016cf0bbb2f4333cc136bb77977219b42892e79aeacffceb1d8777e9997aa4ac978706dfd2573
SSDEEP

6144:bMXUADytdLAY/Xr4Br3CbArLAZ26RQ8sY6CbArLAY/9bPk6Cbv:20Rrgryg426RQagrkj

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  e0f0d8c12aae3a5b38441c4a5dc8d620N.exe
- Size
  
  400KB
- MD5
  
  e0f0d8c12aae3a5b38441c4a5dc8d620
- SHA1
  
  9b70e5b8b10ad848148e58d8c295bb1d03ff117d
- SHA256
  
  65a8fda6c52955542028465c3336a59fc573e40b596acde8074c62f2be297dbe
- SHA512
  
  9605f5222ed469953acb1b03a8908fd1ba8e869321cb175aa3b016cf0bbb2f4333cc136bb77977219b42892e79aeacffceb1d8777e9997aa4ac978706dfd2573
- SSDEEP
  
  6144:bMXUADytdLAY/Xr4Br3CbArLAZ26RQ8sY6CbArLAY/9bPk6Cbv:20Rrgryg426RQagrkj
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence