2f5820281c67a1e103bdc3a40684ecf34c3323c83a00b4b56b55ecf717823be9 | Triage

Sharing

General

Target

2f5820281c67a1e103bdc3a40684ecf34c3323c83a00b4b56b55ecf717823be9
Size

96KB
Sample

240912-zwvksavfkc
MD5

96d29aab4a1230f8df9942c9d277d194
SHA1

5c65b8ab586646f6bfefd42e0d5d445cd1cf8f15
SHA256

2f5820281c67a1e103bdc3a40684ecf34c3323c83a00b4b56b55ecf717823be9
SHA512

79532940c5b74ded1e42aaf30efeeeeb8c7c365252b2627df6e5bc213043221a644e429a289c93d788238056ff12b5fe420d0922d2bcb66bc2dc380f51a25100
SSDEEP

1536:xgZVb0YJsUPp3tnSWlHrnCjPxJrUS4U91303yj/FPO4Nw2t1MhrUQVoMdUT+irF:AbN53lSWlL6Prvt1Mhr1Rhk

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  2f5820281c67a1e103bdc3a40684ecf34c3323c83a00b4b56b55ecf717823be9
- Size
  
  96KB
- MD5
  
  96d29aab4a1230f8df9942c9d277d194
- SHA1
  
  5c65b8ab586646f6bfefd42e0d5d445cd1cf8f15
- SHA256
  
  2f5820281c67a1e103bdc3a40684ecf34c3323c83a00b4b56b55ecf717823be9
- SHA512
  
  79532940c5b74ded1e42aaf30efeeeeb8c7c365252b2627df6e5bc213043221a644e429a289c93d788238056ff12b5fe420d0922d2bcb66bc2dc380f51a25100
- SSDEEP
  
  1536:xgZVb0YJsUPp3tnSWlHrnCjPxJrUS4U91303yj/FPO4Nw2t1MhrUQVoMdUT+irF:AbN53lSWlL6Prvt1Mhr1Rhk
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence