5a532cbf0a5f1b7e41a843e8eda801f5cc6f5205b20980c8f49e830fe23ffddb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a532cbf0a5f1b7e41a843e8eda801f5cc6f5205b20980c8f49e830fe23ffddb
Size

91KB
Sample

240912-2tr3zszbpj
MD5

4f6f84bc427aba10397422bea7f3d058
SHA1

fa1b357b3a1d0b55d0945ff59c114a877be1676f
SHA256

5a532cbf0a5f1b7e41a843e8eda801f5cc6f5205b20980c8f49e830fe23ffddb
SHA512

1e50dfea9871ba7873a826a50bf7eeedbdf34344a6b337c7c297d5ecbd3e4a6b46616388174fea21c3d3b6b2eaf103c0a21229ab4cb8670870daef502872f88e
SSDEEP

1536:blulPcPd/ZuwdQs/wysL09P3r1dMbEGyRVfeDQtob1xS15UJy/vSGw:blkPcPd/nN/wp6P3r1dMbEGyBGMV/vSX

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  5a532cbf0a5f1b7e41a843e8eda801f5cc6f5205b20980c8f49e830fe23ffddb
- Size
  
  91KB
- MD5
  
  4f6f84bc427aba10397422bea7f3d058
- SHA1
  
  fa1b357b3a1d0b55d0945ff59c114a877be1676f
- SHA256
  
  5a532cbf0a5f1b7e41a843e8eda801f5cc6f5205b20980c8f49e830fe23ffddb
- SHA512
  
  1e50dfea9871ba7873a826a50bf7eeedbdf34344a6b337c7c297d5ecbd3e4a6b46616388174fea21c3d3b6b2eaf103c0a21229ab4cb8670870daef502872f88e
- SSDEEP
  
  1536:blulPcPd/ZuwdQs/wysL09P3r1dMbEGyRVfeDQtob1xS15UJy/vSGw:blkPcPd/nN/wp6P3r1dMbEGyBGMV/vSX
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence