52e3b8475e965eb56f57978fc88186f7408bc2f66b115d5f2c73e6fc8addfedb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e813f229750803c23008c8be5548d9e0N.exe
Size

9.9MB
Sample

240908-y6jetswdlg
MD5

e813f229750803c23008c8be5548d9e0
SHA1

d0c5b58feb3ee9010604351bef8ba6e9eb3e5593
SHA256

52e3b8475e965eb56f57978fc88186f7408bc2f66b115d5f2c73e6fc8addfedb
SHA512

74a47b3d3f7253def4b874a3aae190f9d714305bef30a48b07c4cd959797175faf5c77efc87667b2d096356cf9215a8e9ea51eda2ddb73107ff9647a313a5eb4
SSDEEP

196608:vmqnhgJuP3LAhCiVXCWeZLsA1oMuWr45hrr27:/S+LVReJWGhrr27

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  e813f229750803c23008c8be5548d9e0N.exe
- Size
  
  9.9MB
- MD5
  
  e813f229750803c23008c8be5548d9e0
- SHA1
  
  d0c5b58feb3ee9010604351bef8ba6e9eb3e5593
- SHA256
  
  52e3b8475e965eb56f57978fc88186f7408bc2f66b115d5f2c73e6fc8addfedb
- SHA512
  
  74a47b3d3f7253def4b874a3aae190f9d714305bef30a48b07c4cd959797175faf5c77efc87667b2d096356cf9215a8e9ea51eda2ddb73107ff9647a313a5eb4
- SSDEEP
  
  196608:vmqnhgJuP3LAhCiVXCWeZLsA1oMuWr45hrr27:/S+LVReJWGhrr27
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence