c839d02402f0b0aae1f383dfe06d967d55e738ac6258fef4bf07b3c8a90cbb36 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df920f5ba8251cc20c4dfdb2188fd470N.exe
Size

2.7MB
Sample

240909-hrs3qawekr
MD5

df920f5ba8251cc20c4dfdb2188fd470
SHA1

1832f9ae2a5bf4cb3d30ca8c3ba604bf7cc3f233
SHA256

c839d02402f0b0aae1f383dfe06d967d55e738ac6258fef4bf07b3c8a90cbb36
SHA512

5e4cd5275958d0270b6f29e691e17041f58a4a1092ca747504001d57e7f688e0a5c861726a258566eb9afe624f1eeb4ab0bf90d2ef2a399b33a2ea51b0e0be29
SSDEEP

12288:s7vJqpCtRwKA5p8Wgx+gWVBmLnWrOxNuxC7:s9qEfAL8WJm8MoC7

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  df920f5ba8251cc20c4dfdb2188fd470N.exe
- Size
  
  2.7MB
- MD5
  
  df920f5ba8251cc20c4dfdb2188fd470
- SHA1
  
  1832f9ae2a5bf4cb3d30ca8c3ba604bf7cc3f233
- SHA256
  
  c839d02402f0b0aae1f383dfe06d967d55e738ac6258fef4bf07b3c8a90cbb36
- SHA512
  
  5e4cd5275958d0270b6f29e691e17041f58a4a1092ca747504001d57e7f688e0a5c861726a258566eb9afe624f1eeb4ab0bf90d2ef2a399b33a2ea51b0e0be29
- SSDEEP
  
  12288:s7vJqpCtRwKA5p8Wgx+gWVBmLnWrOxNuxC7:s9qEfAL8WJm8MoC7
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence