16145fca97e1828689d0d411918abc60d0131f44238b9b9ff9e69b2132a68c10 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16145fca97e1828689d0d411918abc60d0131f44238b9b9ff9e69b2132a68c10
Size

324KB
Sample

240907-xry2assbqf
MD5

7fbc6e7e17baf760662d653d753a15e4
SHA1

4ec89e9f2c350e99d660705db0e213696f719d32
SHA256

16145fca97e1828689d0d411918abc60d0131f44238b9b9ff9e69b2132a68c10
SHA512

771d5a3b34b40e499290d5a0f8fc58a6cb771d1d1af4ce8e344cd79c28c05d76b22e02c8a196a19ac7ed86c231fddfc27b84e10d254e0153d9ce8d21cb1d556d
SSDEEP

6144:5xwWIyMXrv2zd5IF6rfBBcVPINRFYpfZvT6zAWq6JMf3us8ws:5SWcup5IFy5BcVPINRFYpfZvTmAWqeM2

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  16145fca97e1828689d0d411918abc60d0131f44238b9b9ff9e69b2132a68c10
- Size
  
  324KB
- MD5
  
  7fbc6e7e17baf760662d653d753a15e4
- SHA1
  
  4ec89e9f2c350e99d660705db0e213696f719d32
- SHA256
  
  16145fca97e1828689d0d411918abc60d0131f44238b9b9ff9e69b2132a68c10
- SHA512
  
  771d5a3b34b40e499290d5a0f8fc58a6cb771d1d1af4ce8e344cd79c28c05d76b22e02c8a196a19ac7ed86c231fddfc27b84e10d254e0153d9ce8d21cb1d556d
- SSDEEP
  
  6144:5xwWIyMXrv2zd5IF6rfBBcVPINRFYpfZvT6zAWq6JMf3us8ws:5SWcup5IFy5BcVPINRFYpfZvTmAWqeM2
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence