57149e9987ec67c9e0b6f1367685b584624733163d6ba921895c98d26113d675 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

faf228cd20380588057f4cd2bfec0c80N.exe
Size

187KB
Sample

240909-ycw4tsybjf
MD5

faf228cd20380588057f4cd2bfec0c80
SHA1

4a5f38721fb26c0349a6b420c62a180da23ed8e9
SHA256

57149e9987ec67c9e0b6f1367685b584624733163d6ba921895c98d26113d675
SHA512

3517029ebaa4a11716f4d1a4a9c397964284155968c320cdbaff836084768d226cd3f92955dd07f1e4df4ae31a14fd4a8194938083dab88e038cbb73261f8f5d
SSDEEP

3072:97S+ljn44rhMSpMiVgtRQ2c+tlB5xpWJLM77OkeCK2+hDueH:JBljnXhpMiV+tbFOLM77OLLt

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  faf228cd20380588057f4cd2bfec0c80N.exe
- Size
  
  187KB
- MD5
  
  faf228cd20380588057f4cd2bfec0c80
- SHA1
  
  4a5f38721fb26c0349a6b420c62a180da23ed8e9
- SHA256
  
  57149e9987ec67c9e0b6f1367685b584624733163d6ba921895c98d26113d675
- SHA512
  
  3517029ebaa4a11716f4d1a4a9c397964284155968c320cdbaff836084768d226cd3f92955dd07f1e4df4ae31a14fd4a8194938083dab88e038cbb73261f8f5d
- SSDEEP
  
  3072:97S+ljn44rhMSpMiVgtRQ2c+tlB5xpWJLM77OkeCK2+hDueH:JBljnXhpMiV+tbFOLM77OLLt
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence