d38ac86b907bb926e04b38e64fadd29864e03b2acf0055c055765bf91d7da43d | Triage

Sharing

General

Target

d38ac86b907bb926e04b38e64fadd29864e03b2acf0055c055765bf91d7da43d
Size

64KB
Sample

240914-cjemga1flm
MD5

6d7978aa6ecb6f3a1077d899508e7c1c
SHA1

d014f01911b66fe3f8a0771228ca0748eb7d1a84
SHA256

d38ac86b907bb926e04b38e64fadd29864e03b2acf0055c055765bf91d7da43d
SHA512

8e861668134a3bc0a466db1ae67293a02d6b6639732acd6d84e87a2894464731ef7451ddfcc2b15f718795e02f8273c20ac98a13bcfddce0c6d060e9236b4979
SSDEEP

768:eX//epzubo//fjnlQQYfdFfxUENKr8duy/1H55+6XJ1IwEGp9ThfzyYsHv:eHepmo//fjl0djUENKrwu43XUwXfzwv

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d38ac86b907bb926e04b38e64fadd29864e03b2acf0055c055765bf91d7da43d
- Size
  
  64KB
- MD5
  
  6d7978aa6ecb6f3a1077d899508e7c1c
- SHA1
  
  d014f01911b66fe3f8a0771228ca0748eb7d1a84
- SHA256
  
  d38ac86b907bb926e04b38e64fadd29864e03b2acf0055c055765bf91d7da43d
- SHA512
  
  8e861668134a3bc0a466db1ae67293a02d6b6639732acd6d84e87a2894464731ef7451ddfcc2b15f718795e02f8273c20ac98a13bcfddce0c6d060e9236b4979
- SSDEEP
  
  768:eX//epzubo//fjnlQQYfdFfxUENKr8duy/1H55+6XJ1IwEGp9ThfzyYsHv:eHepmo//fjl0djUENKrwu43XUwXfzwv
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence