203db29c7aa53362096a58babc3e1f41fa3da585998eb39048ea1dbb034023b3 | Triage

Sharing

General

Target

86bf246a1f9c1c02b76dd3a54a67ac70N
Size

208KB
Sample

240907-xcnl1sydkm
MD5

86bf246a1f9c1c02b76dd3a54a67ac70
SHA1

efe85fd9a66ba527df2abb2cf2b362b31a1a5ce6
SHA256

203db29c7aa53362096a58babc3e1f41fa3da585998eb39048ea1dbb034023b3
SHA512

52bd8f7806ba5994820964224108d18fc2601183fecff586e2e86d06b2b49200779b4fe1609278e62f9495918bce8298d7b12e27fcbfd2e13ef01c95f600a567
SSDEEP

3072:PtGxB50CGBO6+oXO56hKpi9poF5aY6+oocpGHHQnNJuIb:lbCa/+Eu6QnFw5+0pU8b

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  86bf246a1f9c1c02b76dd3a54a67ac70N
- Size
  
  208KB
- MD5
  
  86bf246a1f9c1c02b76dd3a54a67ac70
- SHA1
  
  efe85fd9a66ba527df2abb2cf2b362b31a1a5ce6
- SHA256
  
  203db29c7aa53362096a58babc3e1f41fa3da585998eb39048ea1dbb034023b3
- SHA512
  
  52bd8f7806ba5994820964224108d18fc2601183fecff586e2e86d06b2b49200779b4fe1609278e62f9495918bce8298d7b12e27fcbfd2e13ef01c95f600a567
- SSDEEP
  
  3072:PtGxB50CGBO6+oXO56hKpi9poF5aY6+oocpGHHQnNJuIb:lbCa/+Eu6QnFw5+0pU8b
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence