418fe6304afe2fe5233312b265f88a9b895ab07a8ef9c4ab3f222cdbd277e481 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

418fe6304afe2fe5233312b265f88a9b895ab07a8ef9c4ab3f222cdbd277e481
Size

64KB
Sample

240911-zm117ssckn
MD5

aee2ee1d0915b603a9fdfc934f223af5
SHA1

41e5ab738f8122ac8c2ccba7121c75b51183cd66
SHA256

418fe6304afe2fe5233312b265f88a9b895ab07a8ef9c4ab3f222cdbd277e481
SHA512

2979f02fa59db773e364840686c544e6775f4803b4b9c4ce8e9a8fe5816f701125bcb93d7482efdfb4c77e0a576e69dda1b089ce4850db2ca17c2563f3e5cf40
SSDEEP

1536:SnY3Wtrh7a+PdxDf9qj4lUXruCHcpzt/Idn:PIFa+PXRQepFwn

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  418fe6304afe2fe5233312b265f88a9b895ab07a8ef9c4ab3f222cdbd277e481
- Size
  
  64KB
- MD5
  
  aee2ee1d0915b603a9fdfc934f223af5
- SHA1
  
  41e5ab738f8122ac8c2ccba7121c75b51183cd66
- SHA256
  
  418fe6304afe2fe5233312b265f88a9b895ab07a8ef9c4ab3f222cdbd277e481
- SHA512
  
  2979f02fa59db773e364840686c544e6775f4803b4b9c4ce8e9a8fe5816f701125bcb93d7482efdfb4c77e0a576e69dda1b089ce4850db2ca17c2563f3e5cf40
- SSDEEP
  
  1536:SnY3Wtrh7a+PdxDf9qj4lUXruCHcpzt/Idn:PIFa+PXRQepFwn
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence