6b1820a6040832d299b7549cef31ba1bfe2cc7ca01f2bc62edbf212b211e10c8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f30dfc58ba5ff1cf53bae7126e2cb250N.exe
Size

188KB
Sample

240907-nhb1qs1gpl
MD5

f30dfc58ba5ff1cf53bae7126e2cb250
SHA1

eac693f2e51cc1ac89e383639ee015cce533d2c7
SHA256

6b1820a6040832d299b7549cef31ba1bfe2cc7ca01f2bc62edbf212b211e10c8
SHA512

65f212368d0128888cfa41e088701f91d62b75d2cbf046c748497fceec18b8df4e725754d4b519e8f9caabdac74661f962ec52e2a8d79536aeea6877ad6988f1
SSDEEP

3072:B5q1HT1+MeoTxgkY1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSKrDco:Xqd1+VoTPY1AelhEN4MujGJoSoDco

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  f30dfc58ba5ff1cf53bae7126e2cb250N.exe
- Size
  
  188KB
- MD5
  
  f30dfc58ba5ff1cf53bae7126e2cb250
- SHA1
  
  eac693f2e51cc1ac89e383639ee015cce533d2c7
- SHA256
  
  6b1820a6040832d299b7549cef31ba1bfe2cc7ca01f2bc62edbf212b211e10c8
- SHA512
  
  65f212368d0128888cfa41e088701f91d62b75d2cbf046c748497fceec18b8df4e725754d4b519e8f9caabdac74661f962ec52e2a8d79536aeea6877ad6988f1
- SSDEEP
  
  3072:B5q1HT1+MeoTxgkY1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSKrDco:Xqd1+VoTPY1AelhEN4MujGJoSoDco
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence