20de629928ced0cadf6a3fccac8337a794e25eee2111fdba98f48d52d6af5f34 | Triage

Sharing

General

Target

ddf3cc5e535981c589294838768942e0N
Size

217KB
Sample

240912-egynnszfkf
MD5

ddf3cc5e535981c589294838768942e0
SHA1

66764462e52cf0cba1819de54f4c4917c2b18729
SHA256

20de629928ced0cadf6a3fccac8337a794e25eee2111fdba98f48d52d6af5f34
SHA512

537aef278f42d930ba4cc09b347fd43dc1bd9f4787abea50e1049353f54673f73ae7b0e6cc4be0b1b96d32416bc29770d9f6e59c49a1be2753b6360ef8b3af8f
SSDEEP

3072:IOPz3tJlJbxg/L5gFEeS5pAgYIqGvJ6887lbyMGjXF1kqaholmtbCQVD:Ic7tg/VgKdZMGXF5ahdt3

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ddf3cc5e535981c589294838768942e0N
- Size
  
  217KB
- MD5
  
  ddf3cc5e535981c589294838768942e0
- SHA1
  
  66764462e52cf0cba1819de54f4c4917c2b18729
- SHA256
  
  20de629928ced0cadf6a3fccac8337a794e25eee2111fdba98f48d52d6af5f34
- SHA512
  
  537aef278f42d930ba4cc09b347fd43dc1bd9f4787abea50e1049353f54673f73ae7b0e6cc4be0b1b96d32416bc29770d9f6e59c49a1be2753b6360ef8b3af8f
- SSDEEP
  
  3072:IOPz3tJlJbxg/L5gFEeS5pAgYIqGvJ6887lbyMGjXF1kqaholmtbCQVD:Ic7tg/VgKdZMGXF5ahdt3
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence