21fd31991f5c6ca49407e85e9983853116be3a9440ab811e6d5f494bf6f81084 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86810fb40ca3e940568cd660f5e4c7c0N
Size

96KB
Sample

240908-t5w73sweqp
MD5

86810fb40ca3e940568cd660f5e4c7c0
SHA1

20a4a1daca72fb9951cf8ab9a01918b737dbdab2
SHA256

21fd31991f5c6ca49407e85e9983853116be3a9440ab811e6d5f494bf6f81084
SHA512

e56f0afbafdc2b17c95c1d05a954c56de205cdac7dffe18d0ab71ffa67da1f643dd1ba975342f4bdc7fa074d1c311ec6d0b9d1604f5da29703704289ba9b6a2f
SSDEEP

3072:idbxFRNLzD2euHXpoKP7rMLooYbVjd69jc0v:qFR9D2LHXpoKP7rMLooYBjd6NV

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  86810fb40ca3e940568cd660f5e4c7c0N
- Size
  
  96KB
- MD5
  
  86810fb40ca3e940568cd660f5e4c7c0
- SHA1
  
  20a4a1daca72fb9951cf8ab9a01918b737dbdab2
- SHA256
  
  21fd31991f5c6ca49407e85e9983853116be3a9440ab811e6d5f494bf6f81084
- SHA512
  
  e56f0afbafdc2b17c95c1d05a954c56de205cdac7dffe18d0ab71ffa67da1f643dd1ba975342f4bdc7fa074d1c311ec6d0b9d1604f5da29703704289ba9b6a2f
- SSDEEP
  
  3072:idbxFRNLzD2euHXpoKP7rMLooYbVjd69jc0v:qFR9D2LHXpoKP7rMLooYBjd6NV
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence