dcd100ada487f8b5bf1e00c37c6e201f9c0eb4b7726ba3c34a4f3ac6fee4add2 | Triage

Sharing

General

Target

dcd100ada487f8b5bf1e00c37c6e201f9c0eb4b7726ba3c34a4f3ac6fee4add2
Size

169KB
Sample

240911-dtx28szcpm
MD5

7776759610f66fe92115112207ae3cdf
SHA1

e86a4d03adb4f0762ca0a164606a72f49d72776a
SHA256

dcd100ada487f8b5bf1e00c37c6e201f9c0eb4b7726ba3c34a4f3ac6fee4add2
SHA512

59e6ac4ab3551da12bbd984002ccafa75652c0d8fc5921df9f20e680b4e7074460e1d49bdb53ad311594b336aeb7c2c3928a85602b05d31dfe636e806daddb86
SSDEEP

3072:KJDcL/G9fgEJ4xKS92+0Dgx/vl754PxMeEvPOdgujv6NLPfFFrKP92f65Ha:gM0J4xJ9UE/54JML3OdgawrFZKPf9

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  dcd100ada487f8b5bf1e00c37c6e201f9c0eb4b7726ba3c34a4f3ac6fee4add2
- Size
  
  169KB
- MD5
  
  7776759610f66fe92115112207ae3cdf
- SHA1
  
  e86a4d03adb4f0762ca0a164606a72f49d72776a
- SHA256
  
  dcd100ada487f8b5bf1e00c37c6e201f9c0eb4b7726ba3c34a4f3ac6fee4add2
- SHA512
  
  59e6ac4ab3551da12bbd984002ccafa75652c0d8fc5921df9f20e680b4e7074460e1d49bdb53ad311594b336aeb7c2c3928a85602b05d31dfe636e806daddb86
- SSDEEP
  
  3072:KJDcL/G9fgEJ4xKS92+0Dgx/vl754PxMeEvPOdgujv6NLPfFFrKP92f65Ha:gM0J4xJ9UE/54JML3OdgawrFZKPf9
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence