c789f069ef3180b07b1dea8e399f2854534f8c073b6d62cd46b40d0ff64d31af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c789f069ef3180b07b1dea8e399f2854534f8c073b6d62cd46b40d0ff64d31af.exe
Size

427KB
Sample

240908-exa8bawckk
MD5

9c5fd262a4c136d579fa67b226411f1e
SHA1

5a9187919f601d835d644d2427cddf2ccec89db1
SHA256

c789f069ef3180b07b1dea8e399f2854534f8c073b6d62cd46b40d0ff64d31af
SHA512

275210c16d7bca90a4e37f4f2d2d47f629ac697294f5c1f95fb36466c09c5fb5b2f7508376f6565d2ee5f1b377b51c87885c30ba6db2b8ab8d2d0402bc074c59
SSDEEP

12288:vRmlnDTH2uusuuuuuuuuuuuuuuuuuuuuuufuuuuuSTYapJoTYapz8ye49vWq:vRKTHHnJunz8yes

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c789f069ef3180b07b1dea8e399f2854534f8c073b6d62cd46b40d0ff64d31af.exe
- Size
  
  427KB
- MD5
  
  9c5fd262a4c136d579fa67b226411f1e
- SHA1
  
  5a9187919f601d835d644d2427cddf2ccec89db1
- SHA256
  
  c789f069ef3180b07b1dea8e399f2854534f8c073b6d62cd46b40d0ff64d31af
- SHA512
  
  275210c16d7bca90a4e37f4f2d2d47f629ac697294f5c1f95fb36466c09c5fb5b2f7508376f6565d2ee5f1b377b51c87885c30ba6db2b8ab8d2d0402bc074c59
- SSDEEP
  
  12288:vRmlnDTH2uusuuuuuuuuuuuuuuuuuuuuuufuuuuuSTYapJoTYapz8ye49vWq:vRKTHHnJunz8yes
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence