2afe994e983b4969e01842e4cd7637a208fc85a59b18e08fc1e28db568447537 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2afe994e983b4969e01842e4cd7637a208fc85a59b18e08fc1e28db568447537
Size

93KB
Sample

240912-zlnpgstepj
MD5

7b593caceea2f41abb5642a3b848607c
SHA1

b05c376dcf8fc0449e8294ca2c8aed8d46637d98
SHA256

2afe994e983b4969e01842e4cd7637a208fc85a59b18e08fc1e28db568447537
SHA512

e14bf227bae667bdfc9db55361b1c6e2e3a8e8fab32af5093ef4315533f4633e09a71fde9a97ac0a3e23cf8cf234d29cd0e916ee9a19252290ae1941b1267817
SSDEEP

1536:hW/CKARUrl0dfyO/GT1QyX/r1Ubn8AZvOplmuXXQsRQDRkRLJzeLD9N0iQGRNQR5:tvUre1yrplIrKltXXPeDSJdEN0s4WE+a

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  2afe994e983b4969e01842e4cd7637a208fc85a59b18e08fc1e28db568447537
- Size
  
  93KB
- MD5
  
  7b593caceea2f41abb5642a3b848607c
- SHA1
  
  b05c376dcf8fc0449e8294ca2c8aed8d46637d98
- SHA256
  
  2afe994e983b4969e01842e4cd7637a208fc85a59b18e08fc1e28db568447537
- SHA512
  
  e14bf227bae667bdfc9db55361b1c6e2e3a8e8fab32af5093ef4315533f4633e09a71fde9a97ac0a3e23cf8cf234d29cd0e916ee9a19252290ae1941b1267817
- SSDEEP
  
  1536:hW/CKARUrl0dfyO/GT1QyX/r1Ubn8AZvOplmuXXQsRQDRkRLJzeLD9N0iQGRNQR5:tvUre1yrplIrKltXXPeDSJdEN0s4WE+a
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence