f6811f5e25c3c8149cd350b313045c635ebef759b9837981bd60fb2bf399dfcb | Triage

Sharing

General

Target

0d4ddf089f252d9c13e598bca7ae00c0N
Size

192KB
Sample

240912-kw2xjazfmn
MD5

0d4ddf089f252d9c13e598bca7ae00c0
SHA1

80fb768f07de3c8f21be9df023421c3f9225c306
SHA256

f6811f5e25c3c8149cd350b313045c635ebef759b9837981bd60fb2bf399dfcb
SHA512

d735137a676f2de36583fe0aaedb615e47beb45474826a959d7d3d71532bbcd99278297aa012f5946a5cdc9d7dbf64f2941ec92ed4cf0aa13815c40bae639cce
SSDEEP

3072:A57DotQvlMelvd3FQo7fnEBctcp/+wreVisp:y70tImelvd3FF7fPtcsw6U2

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0d4ddf089f252d9c13e598bca7ae00c0N
- Size
  
  192KB
- MD5
  
  0d4ddf089f252d9c13e598bca7ae00c0
- SHA1
  
  80fb768f07de3c8f21be9df023421c3f9225c306
- SHA256
  
  f6811f5e25c3c8149cd350b313045c635ebef759b9837981bd60fb2bf399dfcb
- SHA512
  
  d735137a676f2de36583fe0aaedb615e47beb45474826a959d7d3d71532bbcd99278297aa012f5946a5cdc9d7dbf64f2941ec92ed4cf0aa13815c40bae639cce
- SSDEEP
  
  3072:A57DotQvlMelvd3FQo7fnEBctcp/+wreVisp:y70tImelvd3FF7fPtcsw6U2
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence