6b2603b45c002b629acf111b506b11492b35e9811269c02fc92be00a28f7bb41 | Triage

Sharing

General

Target

6b2603b45c002b629acf111b506b11492b35e9811269c02fc92be00a28f7bb41
Size

320KB
Sample

240908-2vh7gazark
MD5

5c49133803995fd32556781fe641b071
SHA1

cd6076eb9b93a810f342e5b345182f032c687c72
SHA256

6b2603b45c002b629acf111b506b11492b35e9811269c02fc92be00a28f7bb41
SHA512

7db4725777fb179af9600b8b974fe88e05aba65764d19ca5c0c74a7da50b957adde4d28a8cc52ee3643aeb24680ec58a35ab407133461cd09d70713fbb5eb1ea
SSDEEP

6144:XUP/mHvlrY/m05XUEtMEX6vluZV4U/vlf0DrBqvl8ZV4U/vlfl+9Q:s6vcm05XEvG6IveDVqvQ6IvP

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  6b2603b45c002b629acf111b506b11492b35e9811269c02fc92be00a28f7bb41
- Size
  
  320KB
- MD5
  
  5c49133803995fd32556781fe641b071
- SHA1
  
  cd6076eb9b93a810f342e5b345182f032c687c72
- SHA256
  
  6b2603b45c002b629acf111b506b11492b35e9811269c02fc92be00a28f7bb41
- SHA512
  
  7db4725777fb179af9600b8b974fe88e05aba65764d19ca5c0c74a7da50b957adde4d28a8cc52ee3643aeb24680ec58a35ab407133461cd09d70713fbb5eb1ea
- SSDEEP
  
  6144:XUP/mHvlrY/m05XUEtMEX6vluZV4U/vlf0DrBqvl8ZV4U/vlfl+9Q:s6vcm05XEvG6IveDVqvQ6IvP
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence