d3957d1b1f75688b384df4f84a0143e2003d338cdd054a321b4815f9300954b4 | Triage

Sharing

General

Target

35e0f605bbafab0cef648e78dc1e94c0N
Size

128KB
Sample

240912-fhpb3ascje
MD5

35e0f605bbafab0cef648e78dc1e94c0
SHA1

cf317de8c583f63648d63e598cb05df4d5063643
SHA256

d3957d1b1f75688b384df4f84a0143e2003d338cdd054a321b4815f9300954b4
SHA512

61c479bc43fbee21350d4fbcde6bd42c9e523852d7dcfffe1bfb857c5f9c8f63ef5da0a17037a036736005b20347e6d6a94cd33892c993f9f16eb3bd82a08869
SSDEEP

3072:CdKumD/xpS636rAQWv9QVasT508uFafmHURHAVgnvedh6:4KuS/xpB36FW1+T508uF8YU8gnve7

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  35e0f605bbafab0cef648e78dc1e94c0N
- Size
  
  128KB
- MD5
  
  35e0f605bbafab0cef648e78dc1e94c0
- SHA1
  
  cf317de8c583f63648d63e598cb05df4d5063643
- SHA256
  
  d3957d1b1f75688b384df4f84a0143e2003d338cdd054a321b4815f9300954b4
- SHA512
  
  61c479bc43fbee21350d4fbcde6bd42c9e523852d7dcfffe1bfb857c5f9c8f63ef5da0a17037a036736005b20347e6d6a94cd33892c993f9f16eb3bd82a08869
- SSDEEP
  
  3072:CdKumD/xpS636rAQWv9QVasT508uFafmHURHAVgnvedh6:4KuS/xpB36FW1+T508uF8YU8gnve7
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence