d26abc2be6bde4e538575b3e039294598104cc579e419a43bc48e9f727c55b1f | Triage

Sharing

General

Target

d26abc2be6bde4e538575b3e039294598104cc579e419a43bc48e9f727c55b1f.exe
Size

290KB
Sample

240908-n214zavbnl
MD5

e00bc3fa7f16f66280fc46926d5d1b90
SHA1

2055b9148a0b5c17634945e9575245b94be2c6f9
SHA256

d26abc2be6bde4e538575b3e039294598104cc579e419a43bc48e9f727c55b1f
SHA512

92d741f44f7c22ed2b7bd0d6b8c02b6663ecb0125d38479297cd1209d333480be958b0d309d7dd07aa872508ea32ba1e69fe46997f43d56140ad0dff23aec8a6
SSDEEP

6144:l/8GHfgH+R7eySSKpRmSKeTk7eT74wBemiopySSKpRmSKeTk7eT:l8GHoeRQKr7wgmiQKr

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d26abc2be6bde4e538575b3e039294598104cc579e419a43bc48e9f727c55b1f.exe
- Size
  
  290KB
- MD5
  
  e00bc3fa7f16f66280fc46926d5d1b90
- SHA1
  
  2055b9148a0b5c17634945e9575245b94be2c6f9
- SHA256
  
  d26abc2be6bde4e538575b3e039294598104cc579e419a43bc48e9f727c55b1f
- SHA512
  
  92d741f44f7c22ed2b7bd0d6b8c02b6663ecb0125d38479297cd1209d333480be958b0d309d7dd07aa872508ea32ba1e69fe46997f43d56140ad0dff23aec8a6
- SSDEEP
  
  6144:l/8GHfgH+R7eySSKpRmSKeTk7eT74wBemiopySSKpRmSKeTk7eT:l8GHoeRQKr7wgmiQKr
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence