9cab96dc33d6d71f131735cc53c5ed93b167e27116979bd7c8f78b95dab32b6c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

597610d5a9ab31e1d67ca4b34ee93e40N
Size

207KB
Sample

240908-rqnw2s1amq
MD5

597610d5a9ab31e1d67ca4b34ee93e40
SHA1

b6ea4aa6b743f7a49cb23c5ddef048b429ef8221
SHA256

9cab96dc33d6d71f131735cc53c5ed93b167e27116979bd7c8f78b95dab32b6c
SHA512

8a901c7baf5973ed20b51b41b4a5ea92ca97c47c17e163581ce21438db6e6950c1ca49e75037383c5ed7cebce39c3f40b334bbce8aea4d0c16a65ae15e369bfb
SSDEEP

6144:wz6uuXb3C7LgECFrwpvVjj+VPj92d62ASOwj:66TXrC77CRkpIPj92aSOc

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  597610d5a9ab31e1d67ca4b34ee93e40N
- Size
  
  207KB
- MD5
  
  597610d5a9ab31e1d67ca4b34ee93e40
- SHA1
  
  b6ea4aa6b743f7a49cb23c5ddef048b429ef8221
- SHA256
  
  9cab96dc33d6d71f131735cc53c5ed93b167e27116979bd7c8f78b95dab32b6c
- SHA512
  
  8a901c7baf5973ed20b51b41b4a5ea92ca97c47c17e163581ce21438db6e6950c1ca49e75037383c5ed7cebce39c3f40b334bbce8aea4d0c16a65ae15e369bfb
- SSDEEP
  
  6144:wz6uuXb3C7LgECFrwpvVjj+VPj92d62ASOwj:66TXrC77CRkpIPj92aSOc
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence