afa23557bf05b09ce61bd7610e4d1a4c3a251e33f0ddc51d5496bdb76aaee74b | Triage

Sharing

General

Target

fab3f5809f858f132f2e18745bbc3e80N
Size

128KB
Sample

240911-h5ga3szaqf
MD5

fab3f5809f858f132f2e18745bbc3e80
SHA1

15bdc7c9dffaed47e64326f70b6d0acea7b61a38
SHA256

afa23557bf05b09ce61bd7610e4d1a4c3a251e33f0ddc51d5496bdb76aaee74b
SHA512

837b2e804c322f72db1771479a030e6a77b5f0b7c75b20e7bc6f774c30f928d55f8f9b1d75020bfc61d947558300af6e672abb7a5449dc1d070b57a703e68129
SSDEEP

3072:sol2JR8L9pRmYmFher2PMR8RZdUXeD05wkpHxG:dl2XS3Mgr/R8RZdUOnCA

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  fab3f5809f858f132f2e18745bbc3e80N
- Size
  
  128KB
- MD5
  
  fab3f5809f858f132f2e18745bbc3e80
- SHA1
  
  15bdc7c9dffaed47e64326f70b6d0acea7b61a38
- SHA256
  
  afa23557bf05b09ce61bd7610e4d1a4c3a251e33f0ddc51d5496bdb76aaee74b
- SHA512
  
  837b2e804c322f72db1771479a030e6a77b5f0b7c75b20e7bc6f774c30f928d55f8f9b1d75020bfc61d947558300af6e672abb7a5449dc1d070b57a703e68129
- SSDEEP
  
  3072:sol2JR8L9pRmYmFher2PMR8RZdUXeD05wkpHxG:dl2XS3Mgr/R8RZdUOnCA
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence