0428a9041eb21c922c24d0a17314231716a68f9b64f742cc080034029ba25725 | Triage

Sharing

General

Target

0428a9041eb21c922c24d0a17314231716a68f9b64f742cc080034029ba25725
Size

99KB
Sample

240907-wvq97axcrk
MD5

a9388da4f142e66828a988bda0f6b187
SHA1

e9cb8e68e82f049e50fe627065cf68b429bacf45
SHA256

0428a9041eb21c922c24d0a17314231716a68f9b64f742cc080034029ba25725
SHA512

1d32b21906c5b9fc932f16a373a78c6f121d1291bc4c4652eb4a19a59b57af09faf1705e26835f7df8b2204f6f46dcf353fbad72c023b880336e50d0417b5488
SSDEEP

3072:/gO0oWP8bMoiU0Qv3oxZWDpgb3a3+X13XRzG:MP8AanDW7aOl3BzG

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0428a9041eb21c922c24d0a17314231716a68f9b64f742cc080034029ba25725
- Size
  
  99KB
- MD5
  
  a9388da4f142e66828a988bda0f6b187
- SHA1
  
  e9cb8e68e82f049e50fe627065cf68b429bacf45
- SHA256
  
  0428a9041eb21c922c24d0a17314231716a68f9b64f742cc080034029ba25725
- SHA512
  
  1d32b21906c5b9fc932f16a373a78c6f121d1291bc4c4652eb4a19a59b57af09faf1705e26835f7df8b2204f6f46dcf353fbad72c023b880336e50d0417b5488
- SSDEEP
  
  3072:/gO0oWP8bMoiU0Qv3oxZWDpgb3a3+X13XRzG:MP8AanDW7aOl3BzG
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence