f499ffe4069e547425822877ad19caaa604ba48c57bbd52f99b11f55fe9b25ab | Triage

Sharing

General

Target

b93529fd08fbc6d1fe90f1b1f8ed9580N.exe
Size

128KB
Sample

240909-k249vashng
MD5

b93529fd08fbc6d1fe90f1b1f8ed9580
SHA1

568ad6ac01a088a64f7d5935d7f2631802b2b435
SHA256

f499ffe4069e547425822877ad19caaa604ba48c57bbd52f99b11f55fe9b25ab
SHA512

b230c2cf691cf59a6b5443c609534d31bf74c1e1d983b7d259eba0d3eeaba281221099941baf9a5b450f94d2af1d726cd3b16ba0d45d3d66943c0ebbd9289ccd
SSDEEP

3072:Y0QMAhh7k+FiAWzA0xFv+Y4H1vkF3VOMC4uMhZ:WMQhLtWJxF+Jk/4A

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b93529fd08fbc6d1fe90f1b1f8ed9580N.exe
- Size
  
  128KB
- MD5
  
  b93529fd08fbc6d1fe90f1b1f8ed9580
- SHA1
  
  568ad6ac01a088a64f7d5935d7f2631802b2b435
- SHA256
  
  f499ffe4069e547425822877ad19caaa604ba48c57bbd52f99b11f55fe9b25ab
- SHA512
  
  b230c2cf691cf59a6b5443c609534d31bf74c1e1d983b7d259eba0d3eeaba281221099941baf9a5b450f94d2af1d726cd3b16ba0d45d3d66943c0ebbd9289ccd
- SSDEEP
  
  3072:Y0QMAhh7k+FiAWzA0xFv+Y4H1vkF3VOMC4uMhZ:WMQhLtWJxF+Jk/4A
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence