7212e7a4fd5dc2d85dd294e31c4e547a17bee32eafb2e589c822c68f94049d23 | Triage

Sharing

General

Target

2f29be4ee8e6928ecde0cdd6be422200N
Size

386KB
Sample

240908-z12jwsvhjn
MD5

2f29be4ee8e6928ecde0cdd6be422200
SHA1

3bc4435e903251ecf20e49acbe012b83765b7821
SHA256

7212e7a4fd5dc2d85dd294e31c4e547a17bee32eafb2e589c822c68f94049d23
SHA512

628a7e34f3f467640cfa863924ae345ab7e98caae59000f02e56f9aaf96b0ab12788e3ffec9c081ba42d276361be6a2fbdc2feb32edabee584c8f281f034f4ea
SSDEEP

12288:m5/KMSwQZ7287xmPFRkfJg9qwQZ7287xmP:m5/KMSZZ/aFKm9qZZ/a

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  2f29be4ee8e6928ecde0cdd6be422200N
- Size
  
  386KB
- MD5
  
  2f29be4ee8e6928ecde0cdd6be422200
- SHA1
  
  3bc4435e903251ecf20e49acbe012b83765b7821
- SHA256
  
  7212e7a4fd5dc2d85dd294e31c4e547a17bee32eafb2e589c822c68f94049d23
- SHA512
  
  628a7e34f3f467640cfa863924ae345ab7e98caae59000f02e56f9aaf96b0ab12788e3ffec9c081ba42d276361be6a2fbdc2feb32edabee584c8f281f034f4ea
- SSDEEP
  
  12288:m5/KMSwQZ7287xmPFRkfJg9qwQZ7287xmP:m5/KMSZZ/aFKm9qZZ/a
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence