f81810a315fa8937f9fb9b36cec126df65bd52368e53a2e1c70775c4d015d2f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4eb8b97c6da3578fed0c0f921c50b70N
Size

790KB
Sample

240911-sl31vaxdpm
MD5

d4eb8b97c6da3578fed0c0f921c50b70
SHA1

8c684ecfe5ad01bc1e6882dc9d8bb648482faebb
SHA256

f81810a315fa8937f9fb9b36cec126df65bd52368e53a2e1c70775c4d015d2f4
SHA512

fc1e9182b9783de0b039bc5fe53f42955e02dd56b3a1408ac1bcdb039e8bf325721ab745c90129e1757811303d7f1d0f2fede86f5a1969e3127faa2f5f1e0ab2
SSDEEP

12288:mSomFB24lwR45FB24lJ87g7/VycgE81lgxaa79y:mbOPLPEoIlg17o

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d4eb8b97c6da3578fed0c0f921c50b70N
- Size
  
  790KB
- MD5
  
  d4eb8b97c6da3578fed0c0f921c50b70
- SHA1
  
  8c684ecfe5ad01bc1e6882dc9d8bb648482faebb
- SHA256
  
  f81810a315fa8937f9fb9b36cec126df65bd52368e53a2e1c70775c4d015d2f4
- SHA512
  
  fc1e9182b9783de0b039bc5fe53f42955e02dd56b3a1408ac1bcdb039e8bf325721ab745c90129e1757811303d7f1d0f2fede86f5a1969e3127faa2f5f1e0ab2
- SSDEEP
  
  12288:mSomFB24lwR45FB24lJ87g7/VycgE81lgxaa79y:mbOPLPEoIlg17o
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence