5601bc9f8c75c48c256c2de5cd1faa4486eb3b8f3d1094e51c9af244eda76fb1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5601bc9f8c75c48c256c2de5cd1faa4486eb3b8f3d1094e51c9af244eda76fb1.exe
Size

295KB
Sample

240908-c3sy7szfln
MD5

9e7ee627e05f0f072b981b5ccd41487a
SHA1

8536b078905118fe8e29551ddad524469a782b90
SHA256

5601bc9f8c75c48c256c2de5cd1faa4486eb3b8f3d1094e51c9af244eda76fb1
SHA512

1cf6b1cbf1e056732f57bc3c708eafbadc9e574f1f2cd00dc1b6392f3537e20612033ab6ac77e049d05e5ad746dc5d07a024953121ea8f6e1c589b3e1193384a
SSDEEP

3072:7Vm+A853VPGO6jFbvBrtYKYrpBwHT0jY7lY7M+NYgTPB:5m+pTPGO6JLBrWXrpiCo+BTPB

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  5601bc9f8c75c48c256c2de5cd1faa4486eb3b8f3d1094e51c9af244eda76fb1.exe
- Size
  
  295KB
- MD5
  
  9e7ee627e05f0f072b981b5ccd41487a
- SHA1
  
  8536b078905118fe8e29551ddad524469a782b90
- SHA256
  
  5601bc9f8c75c48c256c2de5cd1faa4486eb3b8f3d1094e51c9af244eda76fb1
- SHA512
  
  1cf6b1cbf1e056732f57bc3c708eafbadc9e574f1f2cd00dc1b6392f3537e20612033ab6ac77e049d05e5ad746dc5d07a024953121ea8f6e1c589b3e1193384a
- SSDEEP
  
  3072:7Vm+A853VPGO6jFbvBrtYKYrpBwHT0jY7lY7M+NYgTPB:5m+pTPGO6JLBrWXrpiCo+BTPB
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence