cb244a7a2ca0d92efb532752e3807dd2f5523345bc83318d67d2ff3c4fcc603f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b9f0ad089e5b8ffc476d478222ca470N
Size

64KB
Sample

240908-hfrqhssakq
MD5

5b9f0ad089e5b8ffc476d478222ca470
SHA1

be076739e2a98c8bc349a1fd50fc0fb2ebf6465e
SHA256

cb244a7a2ca0d92efb532752e3807dd2f5523345bc83318d67d2ff3c4fcc603f
SHA512

7a7c51139c599c608a42d717b851d7cee3e02612b67be53f4e53004de48ee7565d5dc0a59fa2b5ee41e873d75ef9fc20f4949c824a3b453431a8795be1d14335
SSDEEP

1536:h7dQPLes0k0dto+l1QZI480UXruCHcpzt/Idn:hZQTVxeH1QqgpFwn

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  5b9f0ad089e5b8ffc476d478222ca470N
- Size
  
  64KB
- MD5
  
  5b9f0ad089e5b8ffc476d478222ca470
- SHA1
  
  be076739e2a98c8bc349a1fd50fc0fb2ebf6465e
- SHA256
  
  cb244a7a2ca0d92efb532752e3807dd2f5523345bc83318d67d2ff3c4fcc603f
- SHA512
  
  7a7c51139c599c608a42d717b851d7cee3e02612b67be53f4e53004de48ee7565d5dc0a59fa2b5ee41e873d75ef9fc20f4949c824a3b453431a8795be1d14335
- SSDEEP
  
  1536:h7dQPLes0k0dto+l1QZI480UXruCHcpzt/Idn:hZQTVxeH1QqgpFwn
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence