ceaa1e6e9841b19090d72c7e3789fc2d59e17a698eed099403ba21d81b014c44 | Triage

Sharing

General

Target

e1aadd5b964f0638ad9c2de526afd770N
Size

123KB
Sample

240911-pyyp4s1fjb
MD5

e1aadd5b964f0638ad9c2de526afd770
SHA1

84e617678a4d59272f5a3b85df5aab8120966ba1
SHA256

ceaa1e6e9841b19090d72c7e3789fc2d59e17a698eed099403ba21d81b014c44
SHA512

414b1c341b55028a329ddd38fd7c183f8f840701c405c46e02e4d9e03c4b2a1c04c14bbe77a01d3308b2145e2c36a9c9d2b5bc4741d2f4e31d13c745fa033ad8
SSDEEP

3072:ws41XJTmfIcHmCyh8XRYSa9rR85DEn5k7r8:eBJaAcx0M4rQD85k/8

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  e1aadd5b964f0638ad9c2de526afd770N
- Size
  
  123KB
- MD5
  
  e1aadd5b964f0638ad9c2de526afd770
- SHA1
  
  84e617678a4d59272f5a3b85df5aab8120966ba1
- SHA256
  
  ceaa1e6e9841b19090d72c7e3789fc2d59e17a698eed099403ba21d81b014c44
- SHA512
  
  414b1c341b55028a329ddd38fd7c183f8f840701c405c46e02e4d9e03c4b2a1c04c14bbe77a01d3308b2145e2c36a9c9d2b5bc4741d2f4e31d13c745fa033ad8
- SSDEEP
  
  3072:ws41XJTmfIcHmCyh8XRYSa9rR85DEn5k7r8:eBJaAcx0M4rQD85k/8
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence