e0760967d0ddc25c1a504dcdb0226963af20743f6c06dee69c9484b6b39575b3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0254b15fb69076dc377199c9fc6c8e0N
Size

163KB
Sample

240907-vlpvbswhjd
MD5

d0254b15fb69076dc377199c9fc6c8e0
SHA1

eeeff114a6cf26a0b31bded91c0972bc054f27d7
SHA256

e0760967d0ddc25c1a504dcdb0226963af20743f6c06dee69c9484b6b39575b3
SHA512

dc0ff2056bd98ae8bec240881795c4e62b10a1f068663b0dd40694e111b59df7a9aed884cc20382d64788db5eaefef059c2373628dccc3f746e04184ca6a347a
SSDEEP

3072:wlVppnPDmNd9I1jYrdwT8Xc75wzTtzYgnWAUjWDUIwLyc4F:oPnCfc75wzTtsgnwyDUFd4F

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d0254b15fb69076dc377199c9fc6c8e0N
- Size
  
  163KB
- MD5
  
  d0254b15fb69076dc377199c9fc6c8e0
- SHA1
  
  eeeff114a6cf26a0b31bded91c0972bc054f27d7
- SHA256
  
  e0760967d0ddc25c1a504dcdb0226963af20743f6c06dee69c9484b6b39575b3
- SHA512
  
  dc0ff2056bd98ae8bec240881795c4e62b10a1f068663b0dd40694e111b59df7a9aed884cc20382d64788db5eaefef059c2373628dccc3f746e04184ca6a347a
- SSDEEP
  
  3072:wlVppnPDmNd9I1jYrdwT8Xc75wzTtzYgnWAUjWDUIwLyc4F:oPnCfc75wzTtsgnwyDUFd4F
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence