7e0196fce209429b5a4d7ad6990b020744e7a9f8f87fb041f872ddc176b5f768 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7e0196fce209429b5a4d7ad6990b020744e7a9f8f87fb041f872ddc176b5f768
Size

1.3MB
Sample

240909-3cxsksvhpl
MD5

43e06f79a67d98bbceba3d8af41884e2
SHA1

f193b5e9caac7bc8b8c1dacd53de80ad6b7068d9
SHA256

7e0196fce209429b5a4d7ad6990b020744e7a9f8f87fb041f872ddc176b5f768
SHA512

39a01d8e9e9653910ea85ef25b75e691e4bb16d63adc52cf44a0c863fbe5a89f18c2f7c00f264ac8b63f7aec57a0891943dec30945555bf901efabb4537cafa0
SSDEEP

12288:QrTNGAGhteAbaz22cWfVaw0HBHY8r8ABjMn:QnNhsaK2cWfVaw0HB48r8ABY

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  7e0196fce209429b5a4d7ad6990b020744e7a9f8f87fb041f872ddc176b5f768
- Size
  
  1.3MB
- MD5
  
  43e06f79a67d98bbceba3d8af41884e2
- SHA1
  
  f193b5e9caac7bc8b8c1dacd53de80ad6b7068d9
- SHA256
  
  7e0196fce209429b5a4d7ad6990b020744e7a9f8f87fb041f872ddc176b5f768
- SHA512
  
  39a01d8e9e9653910ea85ef25b75e691e4bb16d63adc52cf44a0c863fbe5a89f18c2f7c00f264ac8b63f7aec57a0891943dec30945555bf901efabb4537cafa0
- SSDEEP
  
  12288:QrTNGAGhteAbaz22cWfVaw0HBHY8r8ABjMn:QnNhsaK2cWfVaw0HB48r8ABY
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence