40b8f6a001b78cd2ec1770a1581a23bf7941b5f294187003e6bf736df38d60eb | Triage

Sharing

General

Target

40b8f6a001b78cd2ec1770a1581a23bf7941b5f294187003e6bf736df38d60eb
Size

75KB
Sample

240913-zpcfmayfje
MD5

462df6d07de2b4e83958712044fc3ae7
SHA1

f30b9a55f519f3177d51b11b11a3c71365ded0d9
SHA256

40b8f6a001b78cd2ec1770a1581a23bf7941b5f294187003e6bf736df38d60eb
SHA512

028f3b11394152b35c4056f506ced816096eb0c769817936abae9d29b24b45cb151c37a4991a3294fb801d5471472c78e067d7b3de11f011699746e6a44bd582
SSDEEP

768:nFvyljG/tvvddL8pyctQMLxhE6pQMxyav0jOU6pIEha8SoS0V/1H5FXdnh0M+3qv:nFKmbctFYcyav0N7joZvpO53q52IrFH

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  40b8f6a001b78cd2ec1770a1581a23bf7941b5f294187003e6bf736df38d60eb
- Size
  
  75KB
- MD5
  
  462df6d07de2b4e83958712044fc3ae7
- SHA1
  
  f30b9a55f519f3177d51b11b11a3c71365ded0d9
- SHA256
  
  40b8f6a001b78cd2ec1770a1581a23bf7941b5f294187003e6bf736df38d60eb
- SHA512
  
  028f3b11394152b35c4056f506ced816096eb0c769817936abae9d29b24b45cb151c37a4991a3294fb801d5471472c78e067d7b3de11f011699746e6a44bd582
- SSDEEP
  
  768:nFvyljG/tvvddL8pyctQMLxhE6pQMxyav0jOU6pIEha8SoS0V/1H5FXdnh0M+3qv:nFKmbctFYcyav0N7joZvpO53q52IrFH
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence