6d17bf73014916e6e8e3117e1a07292b4591f0fddc63b5d586bf10c5cca80c95 | Triage

Sharing

General

Target

4e81f8959bddc46ea259411370d290e0N
Size

95KB
Sample

240908-mxe59svajh
MD5

4e81f8959bddc46ea259411370d290e0
SHA1

0247bd1f5917c97f6ab1806022a79c9d771d67f2
SHA256

6d17bf73014916e6e8e3117e1a07292b4591f0fddc63b5d586bf10c5cca80c95
SHA512

1e3316fbdad630cd648f8e023d63d7e415bcf271f429a50e1a28d32f4e268fa5daae57b64ae5c2450578e7c08621244d73cdce6f5f72c1a86c2bcf6523358d96
SSDEEP

1536:EMlHpcqRMCCdYfOjjg97RIbyX4DFYgY+a4zNGgCbThHNJLj+POM6bOLXi8PmCofm:7FQdYf/W31Y+/Cbtjj+PDrLXfzoeV

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  4e81f8959bddc46ea259411370d290e0N
- Size
  
  95KB
- MD5
  
  4e81f8959bddc46ea259411370d290e0
- SHA1
  
  0247bd1f5917c97f6ab1806022a79c9d771d67f2
- SHA256
  
  6d17bf73014916e6e8e3117e1a07292b4591f0fddc63b5d586bf10c5cca80c95
- SHA512
  
  1e3316fbdad630cd648f8e023d63d7e415bcf271f429a50e1a28d32f4e268fa5daae57b64ae5c2450578e7c08621244d73cdce6f5f72c1a86c2bcf6523358d96
- SSDEEP
  
  1536:EMlHpcqRMCCdYfOjjg97RIbyX4DFYgY+a4zNGgCbThHNJLj+POM6bOLXi8PmCofm:7FQdYf/W31Y+/Cbtjj+PDrLXfzoeV
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence