9ea29c30021caf2e64ff77329f5d09275b22e88a84f9656098cf869022dbf732 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9ea29c30021caf2e64ff77329f5d09275b22e88a84f9656098cf869022dbf732
Size

89KB
Sample

240911-kb4wdssalb
MD5

349f8682dea8852c62fa8f562c4d8ebb
SHA1

5db93285283315db29d68515ce59db5c3b7c59c8
SHA256

9ea29c30021caf2e64ff77329f5d09275b22e88a84f9656098cf869022dbf732
SHA512

6b4b2f105bbba5a7e29ddd317fe9c176c6de7844e3487652f197c881fa157cd5edfa2b1997b453ccc2306206931bc431871b694f9d771160095499e091f9665b
SSDEEP

1536:bjRrwz2hMeO5jbxcGnuNyhS4EktPr6tGkvSVYfvPDWf3AlRQdD68a+VMKKTRVGFv:buUMeIbxcGnXwur6tkuTleEr4MKy3G7r

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  9ea29c30021caf2e64ff77329f5d09275b22e88a84f9656098cf869022dbf732
- Size
  
  89KB
- MD5
  
  349f8682dea8852c62fa8f562c4d8ebb
- SHA1
  
  5db93285283315db29d68515ce59db5c3b7c59c8
- SHA256
  
  9ea29c30021caf2e64ff77329f5d09275b22e88a84f9656098cf869022dbf732
- SHA512
  
  6b4b2f105bbba5a7e29ddd317fe9c176c6de7844e3487652f197c881fa157cd5edfa2b1997b453ccc2306206931bc431871b694f9d771160095499e091f9665b
- SSDEEP
  
  1536:bjRrwz2hMeO5jbxcGnuNyhS4EktPr6tGkvSVYfvPDWf3AlRQdD68a+VMKKTRVGFv:buUMeIbxcGnXwur6tkuTleEr4MKy3G7r
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence