a63a260c0835f9922cb6913205c8e7574af2404451487763e9b083edc6ed009e | Triage

Sharing

General

Target

a63a260c0835f9922cb6913205c8e7574af2404451487763e9b083edc6ed009e
Size

78KB
Sample

240912-p7mdfawbld
MD5

b7318612bf7baaac67ab870665fefa0d
SHA1

14ae55beca1029bec01f88ee037a2095c6c0f451
SHA256

a63a260c0835f9922cb6913205c8e7574af2404451487763e9b083edc6ed009e
SHA512

607d7e587f514b27b71493df26d0916389fb539dba99f77aa6e3262a2374f640b4688438cbca6cb8417ea70f56ca87e5e395398e35a4b4098e7ca4fea1266a84
SSDEEP

1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOnn:GhfxHNIreQm+HiEn

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  a63a260c0835f9922cb6913205c8e7574af2404451487763e9b083edc6ed009e
- Size
  
  78KB
- MD5
  
  b7318612bf7baaac67ab870665fefa0d
- SHA1
  
  14ae55beca1029bec01f88ee037a2095c6c0f451
- SHA256
  
  a63a260c0835f9922cb6913205c8e7574af2404451487763e9b083edc6ed009e
- SHA512
  
  607d7e587f514b27b71493df26d0916389fb539dba99f77aa6e3262a2374f640b4688438cbca6cb8417ea70f56ca87e5e395398e35a4b4098e7ca4fea1266a84
- SSDEEP
  
  1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOnn:GhfxHNIreQm+HiEn
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence