8b2ec689736bba5ee831b2eddf7e35a0c1d5c677ee61f24e540791872caca3ea | Triage

Sharing

General

Target

ef94f12e910f2d3c3ee326e942f7af70N
Size

163KB
Sample

240913-yjp9vswbqf
MD5

ef94f12e910f2d3c3ee326e942f7af70
SHA1

ca93f1b59d92b801c78c4f792db6b2d6c4f84b95
SHA256

8b2ec689736bba5ee831b2eddf7e35a0c1d5c677ee61f24e540791872caca3ea
SHA512

5e08031ab517c4b333d4e10e854799a67b32f3f2241e7d363c0e61dd41c74b8c2d2a6ae389a103a8343642c60438eb8af84e228d8d5d163a904d1dc88887c9f7
SSDEEP

3072:NQB40RCQMjrt8LnbzYgnWAUjWDUIwLyc4F:NhlrsnbsgnwyDUFd4F

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ef94f12e910f2d3c3ee326e942f7af70N
- Size
  
  163KB
- MD5
  
  ef94f12e910f2d3c3ee326e942f7af70
- SHA1
  
  ca93f1b59d92b801c78c4f792db6b2d6c4f84b95
- SHA256
  
  8b2ec689736bba5ee831b2eddf7e35a0c1d5c677ee61f24e540791872caca3ea
- SHA512
  
  5e08031ab517c4b333d4e10e854799a67b32f3f2241e7d363c0e61dd41c74b8c2d2a6ae389a103a8343642c60438eb8af84e228d8d5d163a904d1dc88887c9f7
- SSDEEP
  
  3072:NQB40RCQMjrt8LnbzYgnWAUjWDUIwLyc4F:NhlrsnbsgnwyDUFd4F
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence