bf0d98df9d17e7389ed9139dff513c5d0cd568f79eb861c0c8f2cc0e6990cffc | Triage

Sharing

General

Target

ffb40aaa37b9886a95397f61d6383310N.exe
Size

128KB
Sample

240912-1adktawelc
MD5

ffb40aaa37b9886a95397f61d6383310
SHA1

d9513d3fd1543c47b96b015db37816dc2ea351cf
SHA256

bf0d98df9d17e7389ed9139dff513c5d0cd568f79eb861c0c8f2cc0e6990cffc
SHA512

46f89c6253dd108ba9b845a8e111ac40439f7dacd842b75e739b871ad3e3487812d61edb352d22d12c41aa3fe283b1d152b8314763aba113f6302cfa7bd743d9
SSDEEP

3072:U/UWgesOUX+BCpUEuk8QYxQdLrCimBaH8UH30ZIvM6qMH5X3O/:Qbj8rWEuFtCApaH8m3QIvMWH5H

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ffb40aaa37b9886a95397f61d6383310N.exe
- Size
  
  128KB
- MD5
  
  ffb40aaa37b9886a95397f61d6383310
- SHA1
  
  d9513d3fd1543c47b96b015db37816dc2ea351cf
- SHA256
  
  bf0d98df9d17e7389ed9139dff513c5d0cd568f79eb861c0c8f2cc0e6990cffc
- SHA512
  
  46f89c6253dd108ba9b845a8e111ac40439f7dacd842b75e739b871ad3e3487812d61edb352d22d12c41aa3fe283b1d152b8314763aba113f6302cfa7bd743d9
- SSDEEP
  
  3072:U/UWgesOUX+BCpUEuk8QYxQdLrCimBaH8UH30ZIvM6qMH5X3O/:Qbj8rWEuFtCApaH8m3QIvMWH5H
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence