0994bd312af7624cf5fcb282b4279418e5612725f429ac6f3d1f64313b918ef5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e43aec7667bd8957a7a373a28ea2eb0N
Size

363KB
Sample

240908-tw392ayblf
MD5

0e43aec7667bd8957a7a373a28ea2eb0
SHA1

d6d3e803207e3f6e1de6aa0bbe5c9d09c08a6e3b
SHA256

0994bd312af7624cf5fcb282b4279418e5612725f429ac6f3d1f64313b918ef5
SHA512

d5833be043bacf2756fefc35d021f0260873f95c82d7441dd1d1291541d5085cbfd4e081596b559e70517064e1ff99032b0d838be6c9f8176d31b16739386079
SSDEEP

6144:iROdjbFQ43VU5tTbVXksax8n5tTDUZNSN58VU5tT:iRiHFQcG5tP6sus5t6NSN6G5t

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0e43aec7667bd8957a7a373a28ea2eb0N
- Size
  
  363KB
- MD5
  
  0e43aec7667bd8957a7a373a28ea2eb0
- SHA1
  
  d6d3e803207e3f6e1de6aa0bbe5c9d09c08a6e3b
- SHA256
  
  0994bd312af7624cf5fcb282b4279418e5612725f429ac6f3d1f64313b918ef5
- SHA512
  
  d5833be043bacf2756fefc35d021f0260873f95c82d7441dd1d1291541d5085cbfd4e081596b559e70517064e1ff99032b0d838be6c9f8176d31b16739386079
- SSDEEP
  
  6144:iROdjbFQ43VU5tTbVXksax8n5tTDUZNSN58VU5tT:iRiHFQcG5tP6sus5t6NSN6G5t
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence