ff9d440a82e12fa9c8b870cdd5dd7b53ca197a1ae651d6b0a2a510b6d7314fb6 | Triage

Sharing

General

Target

ff9d440a82e12fa9c8b870cdd5dd7b53ca197a1ae651d6b0a2a510b6d7314fb6
Size

80KB
Sample

240914-dvmmwsvepf
MD5

64f69aa6fe35fcac40bcc3fe37d3a478
SHA1

ace5061ab261c1d0855528b463493accd4832ffc
SHA256

ff9d440a82e12fa9c8b870cdd5dd7b53ca197a1ae651d6b0a2a510b6d7314fb6
SHA512

6ee09b6914b4c3fe3386c0f297549fa7be3b4affaf6e5f2a14fd17ef05f15299e22cf02ff6c84ade07ee7e06c67cb3564eab921ff6f717e9cfbfe4ab5cf60d89
SSDEEP

1536:1R6G+t8eN5HDk38zbTns8wxLHZ4VY/y2LQS5DUHRbPa9b6i+sIk:1RwuOtk38zbTsZt4VY//QS5DSCopsIk

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ff9d440a82e12fa9c8b870cdd5dd7b53ca197a1ae651d6b0a2a510b6d7314fb6
- Size
  
  80KB
- MD5
  
  64f69aa6fe35fcac40bcc3fe37d3a478
- SHA1
  
  ace5061ab261c1d0855528b463493accd4832ffc
- SHA256
  
  ff9d440a82e12fa9c8b870cdd5dd7b53ca197a1ae651d6b0a2a510b6d7314fb6
- SHA512
  
  6ee09b6914b4c3fe3386c0f297549fa7be3b4affaf6e5f2a14fd17ef05f15299e22cf02ff6c84ade07ee7e06c67cb3564eab921ff6f717e9cfbfe4ab5cf60d89
- SSDEEP
  
  1536:1R6G+t8eN5HDk38zbTns8wxLHZ4VY/y2LQS5DUHRbPa9b6i+sIk:1RwuOtk38zbTsZt4VY//QS5DSCopsIk
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence