1c153c2119e318ffc8a8504dc9e3dec50e800b9bcc6ee8026ecce2242024b216 | Triage

Sharing

General

Target

Virus.Danger.ATA_virussign.com_e08fe1064804b32abdc954be2e785c30.exe
Size

661KB
Sample

240907-p1m2dswepm
MD5

e08fe1064804b32abdc954be2e785c30
SHA1

54ef9eaa2037bfaaea578190786fa3e52ca50809
SHA256

1c153c2119e318ffc8a8504dc9e3dec50e800b9bcc6ee8026ecce2242024b216
SHA512

d1687bff5dfe84ffcd8681b60f79a33d0e3a39013003ca9a2b2a7154e88ab158f0dbfc6a5585430a564edf95ab42b4af8ac78639bbb29562238b893b9b6d3b6d
SSDEEP

12288:rPQmlSEpV6yYP4rbpV6yYPg058KpV6yYPNUir2MhNl6zX3w9As/xO23WM6tJmDYL:MEW4XWleKWNUir2MhNl6zX3w9As/xO2E

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  Virus.Danger.ATA_virussign.com_e08fe1064804b32abdc954be2e785c30.exe
- Size
  
  661KB
- MD5
  
  e08fe1064804b32abdc954be2e785c30
- SHA1
  
  54ef9eaa2037bfaaea578190786fa3e52ca50809
- SHA256
  
  1c153c2119e318ffc8a8504dc9e3dec50e800b9bcc6ee8026ecce2242024b216
- SHA512
  
  d1687bff5dfe84ffcd8681b60f79a33d0e3a39013003ca9a2b2a7154e88ab158f0dbfc6a5585430a564edf95ab42b4af8ac78639bbb29562238b893b9b6d3b6d
- SSDEEP
  
  12288:rPQmlSEpV6yYP4rbpV6yYPg058KpV6yYPNUir2MhNl6zX3w9As/xO23WM6tJmDYL:MEW4XWleKWNUir2MhNl6zX3w9As/xO2E
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence