0d8e4d4905d158d4d47ee881fe895f1ddd0d520a4b3007f65df420e22aa39c34 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5ba846bd0ea9564335eb6cd03ba3150N
Size

182KB
Sample

240911-zehvnascqf
MD5

a5ba846bd0ea9564335eb6cd03ba3150
SHA1

37dbff31b0fb1e9412d509bcdcb57daad6b124a3
SHA256

0d8e4d4905d158d4d47ee881fe895f1ddd0d520a4b3007f65df420e22aa39c34
SHA512

be45f67463995b767c1c473473e359c7700ea2b053f32dfa83b68cf1cfa093a4d1950f2d690e496049b294bab14ad30d0684a0fcc8a185edf3f6a68342c52534
SSDEEP

3072:01mRGXUe2jdDI24ho1mtye3lFDrFDHZtOga24ho1mtye3l:Ra38DFsFj5tT3sF

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  a5ba846bd0ea9564335eb6cd03ba3150N
- Size
  
  182KB
- MD5
  
  a5ba846bd0ea9564335eb6cd03ba3150
- SHA1
  
  37dbff31b0fb1e9412d509bcdcb57daad6b124a3
- SHA256
  
  0d8e4d4905d158d4d47ee881fe895f1ddd0d520a4b3007f65df420e22aa39c34
- SHA512
  
  be45f67463995b767c1c473473e359c7700ea2b053f32dfa83b68cf1cfa093a4d1950f2d690e496049b294bab14ad30d0684a0fcc8a185edf3f6a68342c52534
- SSDEEP
  
  3072:01mRGXUe2jdDI24ho1mtye3lFDrFDHZtOga24ho1mtye3l:Ra38DFsFj5tT3sF
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence