3b67912ce3f00f97266e5c4e8299f8f16c67e34623500df0f69a785fa31f0872 | Triage

Sharing

General

Target

8d04d96d41fd61d9567129050b9bda90N
Size

448KB
Sample

240908-tahffaxalh
MD5

8d04d96d41fd61d9567129050b9bda90
SHA1

bea3055c3aa723ba10fe238185ba4eab6e385081
SHA256

3b67912ce3f00f97266e5c4e8299f8f16c67e34623500df0f69a785fa31f0872
SHA512

182004fef5a6fb89ffa065c1217005b57d1954eef0d9bd9d5eadfa18ca5dcec47a825c2518c79d639a6884a1678b7baad1dac067e328ccf2a87f0db3b746895e
SSDEEP

6144:Y7SOLIJjtDBdk7+1bRtPcCrhCRkR/+MG7+1bRtPcCrhxPSHlV2Yj6egLCCGP7+1h:6SOZYNrekcPYNrq6+gmCAYNrP

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8d04d96d41fd61d9567129050b9bda90N
- Size
  
  448KB
- MD5
  
  8d04d96d41fd61d9567129050b9bda90
- SHA1
  
  bea3055c3aa723ba10fe238185ba4eab6e385081
- SHA256
  
  3b67912ce3f00f97266e5c4e8299f8f16c67e34623500df0f69a785fa31f0872
- SHA512
  
  182004fef5a6fb89ffa065c1217005b57d1954eef0d9bd9d5eadfa18ca5dcec47a825c2518c79d639a6884a1678b7baad1dac067e328ccf2a87f0db3b746895e
- SSDEEP
  
  6144:Y7SOLIJjtDBdk7+1bRtPcCrhCRkR/+MG7+1bRtPcCrhxPSHlV2Yj6egLCCGP7+1h:6SOZYNrekcPYNrq6+gmCAYNrP
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence