402fd82ae7e346486219d705ed483a5ef07fca4b0d5037edc28611b343b32f18 | Triage

Sharing

General

Target

40c5e7c4c57fa016cb29c9f39eff54b0N.exe
Size

3.3MB
Sample

240909-hsh9xawemr
MD5

40c5e7c4c57fa016cb29c9f39eff54b0
SHA1

6f6f7392554b52583375cf83532647838af9371d
SHA256

402fd82ae7e346486219d705ed483a5ef07fca4b0d5037edc28611b343b32f18
SHA512

8a7111139c3ebdf143566c96050245c88ce9408ee82f5d1dd0630a07f4342de265871278fa785e72e6f17780e652fcbb004a4f1f7d1884c20a413ee0b6eaa52d
SSDEEP

49152:q18MAFpnnJH9BUfKn+95lRVfAa0Vg76Lo2E2T8avTl2y/Bw:VMA3vBUGHo+m

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  40c5e7c4c57fa016cb29c9f39eff54b0N.exe
- Size
  
  3.3MB
- MD5
  
  40c5e7c4c57fa016cb29c9f39eff54b0
- SHA1
  
  6f6f7392554b52583375cf83532647838af9371d
- SHA256
  
  402fd82ae7e346486219d705ed483a5ef07fca4b0d5037edc28611b343b32f18
- SHA512
  
  8a7111139c3ebdf143566c96050245c88ce9408ee82f5d1dd0630a07f4342de265871278fa785e72e6f17780e652fcbb004a4f1f7d1884c20a413ee0b6eaa52d
- SSDEEP
  
  49152:q18MAFpnnJH9BUfKn+95lRVfAa0Vg76Lo2E2T8avTl2y/Bw:VMA3vBUGHo+m
Score

8^/10

discovery persistence
- Drops file in Drivers directory
- Deletes itself
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence