47c395a8358996b1bc4bf1850ee6a96428c96e275a5f801b0f726b7e46469f92 | Triage

Sharing

General

Target

47c395a8358996b1bc4bf1850ee6a96428c96e275a5f801b0f726b7e46469f92.exe
Size

1.6MB
Sample

240908-cswbks1hjc
MD5

e22b89d67f7e29c4f269147facfc97a3
SHA1

d88a0e1542f0733f9f48c8834349e66bdf0ef77a
SHA256

47c395a8358996b1bc4bf1850ee6a96428c96e275a5f801b0f726b7e46469f92
SHA512

c8537fc309720c153ae231fd47ef8a4e2991ef831493b912f9193ee8649cbdeda964446b098237b6d6de94b7b650d1422f422e03588cf85c202202b2734f6fff
SSDEEP

12288:gvM0m5ByvNv5WOrKK/4en+czMRlWq8/sa9MbO:yM0m6vrWTKwe+xgq8/xMbO

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  47c395a8358996b1bc4bf1850ee6a96428c96e275a5f801b0f726b7e46469f92.exe
- Size
  
  1.6MB
- MD5
  
  e22b89d67f7e29c4f269147facfc97a3
- SHA1
  
  d88a0e1542f0733f9f48c8834349e66bdf0ef77a
- SHA256
  
  47c395a8358996b1bc4bf1850ee6a96428c96e275a5f801b0f726b7e46469f92
- SHA512
  
  c8537fc309720c153ae231fd47ef8a4e2991ef831493b912f9193ee8649cbdeda964446b098237b6d6de94b7b650d1422f422e03588cf85c202202b2734f6fff
- SSDEEP
  
  12288:gvM0m5ByvNv5WOrKK/4en+czMRlWq8/sa9MbO:yM0m6vrWTKwe+xgq8/xMbO
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence