b79cb1a813c3d8d88a65df33560e653420c8d7534c56e719eb3cd5a598a0da12 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b79cb1a813c3d8d88a65df33560e653420c8d7534c56e719eb3cd5a598a0da12
Size

79KB
Sample

240911-hrng8sydqb
MD5

aa79b961c8f56e662e65c6de592875f3
SHA1

8fce3c94ae4a8b28ca397d32d5875dec1164400f
SHA256

b79cb1a813c3d8d88a65df33560e653420c8d7534c56e719eb3cd5a598a0da12
SHA512

ec3694ee720f57fab01215d83e4c7dd08497d0b11457e5749db70f387cfd06456b8eafbcaa80c5616a4aeeda3f05e53b0f0b9f43b53bbc56f3d737a3677348fc
SSDEEP

1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOJqBPX:GhfxHNIreQm+Hi2qBPX

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  b79cb1a813c3d8d88a65df33560e653420c8d7534c56e719eb3cd5a598a0da12
- Size
  
  79KB
- MD5
  
  aa79b961c8f56e662e65c6de592875f3
- SHA1
  
  8fce3c94ae4a8b28ca397d32d5875dec1164400f
- SHA256
  
  b79cb1a813c3d8d88a65df33560e653420c8d7534c56e719eb3cd5a598a0da12
- SHA512
  
  ec3694ee720f57fab01215d83e4c7dd08497d0b11457e5749db70f387cfd06456b8eafbcaa80c5616a4aeeda3f05e53b0f0b9f43b53bbc56f3d737a3677348fc
- SSDEEP
  
  1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOJqBPX:GhfxHNIreQm+Hi2qBPX
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence