42770593ba8d77f558197174bf5fcf84248342660b08d49824e3cd99ba10bd91 | Triage

Sharing

General

Target

04f9b2a96bb0e059ffa2122a7df07830N
Size

479KB
Sample

240912-yhlkaa1dlm
MD5

04f9b2a96bb0e059ffa2122a7df07830
SHA1

3790e57f12e8c5ae467f5317c1ee01ae22e0f2d1
SHA256

42770593ba8d77f558197174bf5fcf84248342660b08d49824e3cd99ba10bd91
SHA512

25742f59dd3babd8f8533484bd3798aff1d07bc3c9d3efa8f61dcee52bd5500dd7cf2b0d559a7260a73a8c2a3c07a93210585daed7ecf2c2553e99d00459d1d4
SSDEEP

6144:wSkUS4g1KIRJ6EQnT2leTLgNPx33fpu2leTLg:w5D4gDRJ6EQ6Q2drQ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  04f9b2a96bb0e059ffa2122a7df07830N
- Size
  
  479KB
- MD5
  
  04f9b2a96bb0e059ffa2122a7df07830
- SHA1
  
  3790e57f12e8c5ae467f5317c1ee01ae22e0f2d1
- SHA256
  
  42770593ba8d77f558197174bf5fcf84248342660b08d49824e3cd99ba10bd91
- SHA512
  
  25742f59dd3babd8f8533484bd3798aff1d07bc3c9d3efa8f61dcee52bd5500dd7cf2b0d559a7260a73a8c2a3c07a93210585daed7ecf2c2553e99d00459d1d4
- SSDEEP
  
  6144:wSkUS4g1KIRJ6EQnT2leTLgNPx33fpu2leTLg:w5D4gDRJ6EQ6Q2drQ
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence