abda24aa6ed58cc41389eeb0defc47105c1c98b85a797db8be705fba3babae7f | Triage

Sharing

General

Target

Virus.Danger.ATA_virussign.com_e8d75498ab438d61e21b26aecb252286.exe
Size

704KB
Sample

240907-pmgmfsvapn
MD5

e8d75498ab438d61e21b26aecb252286
SHA1

e13e4bb2a842360b719c897c5c4e030f8559388f
SHA256

abda24aa6ed58cc41389eeb0defc47105c1c98b85a797db8be705fba3babae7f
SHA512

16d7c12d267a993e1cc6ff71e25269ec398d8a8bf3a54fa4def7460d08e559222c1336d5de60aeb883970063d704ad368fbcf38ba8311d1f3d862db33f961048
SSDEEP

12288:hxiR/t3kY660fIaDZkY660f8jTK/XhdAwlt01PBExKN4P6Ir:mR/hgsaDZgQjGkwlksd

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  Virus.Danger.ATA_virussign.com_e8d75498ab438d61e21b26aecb252286.exe
- Size
  
  704KB
- MD5
  
  e8d75498ab438d61e21b26aecb252286
- SHA1
  
  e13e4bb2a842360b719c897c5c4e030f8559388f
- SHA256
  
  abda24aa6ed58cc41389eeb0defc47105c1c98b85a797db8be705fba3babae7f
- SHA512
  
  16d7c12d267a993e1cc6ff71e25269ec398d8a8bf3a54fa4def7460d08e559222c1336d5de60aeb883970063d704ad368fbcf38ba8311d1f3d862db33f961048
- SSDEEP
  
  12288:hxiR/t3kY660fIaDZkY660f8jTK/XhdAwlt01PBExKN4P6Ir:mR/hgsaDZgQjGkwlksd
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence