0f9dff53c972cd47003360aeda657d5eaea52c4ff8798a6727a4a9fc6a3c6676 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f9dff53c972cd47003360aeda657d5eaea52c4ff8798a6727a4a9fc6a3c6676
Size

78KB
Sample

240909-xecbrstdln
MD5

c50cb8cb4fd5c6657b498bf21f67ecfb
SHA1

ad8d33848d2e73b5b023294c978a9fff1799dc3a
SHA256

0f9dff53c972cd47003360aeda657d5eaea52c4ff8798a6727a4a9fc6a3c6676
SHA512

ae0c91716db4a15464e74b9e55bb230c1237ce320d32baaad2554b9468e1ce250a84c8f28c0f71b588e3fb6ed3da42a2d8b86e380da81b05b02de94b244b743a
SSDEEP

1536:03SUF/imapCfsNOJNRXeoIiiV5N+zL20gJi1ie:K3/hapCfgOJNRXPiV5gzL20WKt

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0f9dff53c972cd47003360aeda657d5eaea52c4ff8798a6727a4a9fc6a3c6676
- Size
  
  78KB
- MD5
  
  c50cb8cb4fd5c6657b498bf21f67ecfb
- SHA1
  
  ad8d33848d2e73b5b023294c978a9fff1799dc3a
- SHA256
  
  0f9dff53c972cd47003360aeda657d5eaea52c4ff8798a6727a4a9fc6a3c6676
- SHA512
  
  ae0c91716db4a15464e74b9e55bb230c1237ce320d32baaad2554b9468e1ce250a84c8f28c0f71b588e3fb6ed3da42a2d8b86e380da81b05b02de94b244b743a
- SSDEEP
  
  1536:03SUF/imapCfsNOJNRXeoIiiV5N+zL20gJi1ie:K3/hapCfgOJNRXPiV5gzL20WKt
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence