d6e5fbec248e6056c15d1b3c0d75e64c92940654e32a805f496b9973e8b35bbf | Triage

Sharing

General

Target

f1ab7b9e5c51e33949daa3fb9e7b6f50N
Size

56KB
Sample

240912-z18yzavell
MD5

f1ab7b9e5c51e33949daa3fb9e7b6f50
SHA1

e7e6ebb5814a40f4453f1f3ffebe2ea974efa6e5
SHA256

d6e5fbec248e6056c15d1b3c0d75e64c92940654e32a805f496b9973e8b35bbf
SHA512

9a62cdc2ddf8401a79524aca0cb20d50194fd9fc192612192f36c6d9791212f8370b0d3a9b8dc41b2df680fa7b75d66cd7ee214ce0854e9ece262e517d91f628
SSDEEP

768:lVNsJyVq1NUxwksXs5yXcfuISqy6tm25twBXTk90NbSZPy/l5ic7T/1H53Xdnh:lVKUSks85yJqy6tmVTkqb4PM48hj

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  f1ab7b9e5c51e33949daa3fb9e7b6f50N
- Size
  
  56KB
- MD5
  
  f1ab7b9e5c51e33949daa3fb9e7b6f50
- SHA1
  
  e7e6ebb5814a40f4453f1f3ffebe2ea974efa6e5
- SHA256
  
  d6e5fbec248e6056c15d1b3c0d75e64c92940654e32a805f496b9973e8b35bbf
- SHA512
  
  9a62cdc2ddf8401a79524aca0cb20d50194fd9fc192612192f36c6d9791212f8370b0d3a9b8dc41b2df680fa7b75d66cd7ee214ce0854e9ece262e517d91f628
- SSDEEP
  
  768:lVNsJyVq1NUxwksXs5yXcfuISqy6tm25twBXTk90NbSZPy/l5ic7T/1H53Xdnh:lVKUSks85yJqy6tmVTkqb4PM48hj
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence