ac98c0d0182f9a5c9393aec1ea724c10e21b33b712f96cc74ad28ade02bfb1f8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fbb42e3192b90482e6228a5440f13cd0N
Size

2.3MB
Sample

240907-vc31latfkr
MD5

fbb42e3192b90482e6228a5440f13cd0
SHA1

a36e080a516051e75717e8e5bbf3868094b09d39
SHA256

ac98c0d0182f9a5c9393aec1ea724c10e21b33b712f96cc74ad28ade02bfb1f8
SHA512

38d93a9e26420508195113ce4bb60d86ffaf23af8e9e7f14887b573073991a3d75dca483b113b4966b9bf02b54dcfb45d40a23da7a67f4544ad7c60662f44fbd
SSDEEP

3072:kg0kdMsDWyf7yXv7Z+6vlcZ0I/I0Q5OPIN+/cuTQ2TgRX7Jg3A9z:7dMAn7y/7ZdvlcZVgp54tRo7KA9z

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  fbb42e3192b90482e6228a5440f13cd0N
- Size
  
  2.3MB
- MD5
  
  fbb42e3192b90482e6228a5440f13cd0
- SHA1
  
  a36e080a516051e75717e8e5bbf3868094b09d39
- SHA256
  
  ac98c0d0182f9a5c9393aec1ea724c10e21b33b712f96cc74ad28ade02bfb1f8
- SHA512
  
  38d93a9e26420508195113ce4bb60d86ffaf23af8e9e7f14887b573073991a3d75dca483b113b4966b9bf02b54dcfb45d40a23da7a67f4544ad7c60662f44fbd
- SSDEEP
  
  3072:kg0kdMsDWyf7yXv7Z+6vlcZ0I/I0Q5OPIN+/cuTQ2TgRX7Jg3A9z:7dMAn7y/7ZdvlcZVgp54tRo7KA9z
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence