4970994a8f5513be9d5a57df8c611e1a1e8bd106f121f7598851bdbc9d8cf2e3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4970994a8f5513be9d5a57df8c611e1a1e8bd106f121f7598851bdbc9d8cf2e3
Size

64KB
Sample

240907-z5bt2awalm
MD5

6bbd70a405dc39e7d40badce2a8ac5c2
SHA1

15aaf0f9f350f3fc4286c09f8222ed4340d798d1
SHA256

4970994a8f5513be9d5a57df8c611e1a1e8bd106f121f7598851bdbc9d8cf2e3
SHA512

4d9e953c098b967d4435dfc3433f0f4ed14fddd41b1d38e5f8ff0f7d02f500b1b21321eda7bfb2250ea1bed7e1cd063b7e456017c5dab7dfa75b9026b5462aa2
SSDEEP

768:0lCVjUkPjcpteStnOhDFUrrST9EE3/1VCBqR1/1H5Q6XJ1IwEGp9ThfzyYsHv:0kjZLFSwlF089EE3/1LF3XUwXfzwv

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  4970994a8f5513be9d5a57df8c611e1a1e8bd106f121f7598851bdbc9d8cf2e3
- Size
  
  64KB
- MD5
  
  6bbd70a405dc39e7d40badce2a8ac5c2
- SHA1
  
  15aaf0f9f350f3fc4286c09f8222ed4340d798d1
- SHA256
  
  4970994a8f5513be9d5a57df8c611e1a1e8bd106f121f7598851bdbc9d8cf2e3
- SHA512
  
  4d9e953c098b967d4435dfc3433f0f4ed14fddd41b1d38e5f8ff0f7d02f500b1b21321eda7bfb2250ea1bed7e1cd063b7e456017c5dab7dfa75b9026b5462aa2
- SSDEEP
  
  768:0lCVjUkPjcpteStnOhDFUrrST9EE3/1VCBqR1/1H5Q6XJ1IwEGp9ThfzyYsHv:0kjZLFSwlF089EE3/1LF3XUwXfzwv
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence