5ecd777649462212355188b5ce8f26bb22673f7d280dfed8abcf055f4b819801 | Triage

Sharing

General

Target

5ecd777649462212355188b5ce8f26bb22673f7d280dfed8abcf055f4b819801
Size

74KB
Sample

240914-g31fhazfnj
MD5

44f4535b67a92ec9d2c8952d2cc3bbbb
SHA1

5a7328f5b737b9d855e5c33c9491e6ab5d9691be
SHA256

5ecd777649462212355188b5ce8f26bb22673f7d280dfed8abcf055f4b819801
SHA512

7cba4fb8b63e0156bb02574dd78a8b7b1d8e16a806fb228e6258b648fbf9dcc8ecadb945f55dbfe5a0f5006a0cc88ed03004e1067818161304374b5ced8aa012
SSDEEP

1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOjFe:GhfxHNIreQm+Hi3

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  5ecd777649462212355188b5ce8f26bb22673f7d280dfed8abcf055f4b819801
- Size
  
  74KB
- MD5
  
  44f4535b67a92ec9d2c8952d2cc3bbbb
- SHA1
  
  5a7328f5b737b9d855e5c33c9491e6ab5d9691be
- SHA256
  
  5ecd777649462212355188b5ce8f26bb22673f7d280dfed8abcf055f4b819801
- SHA512
  
  7cba4fb8b63e0156bb02574dd78a8b7b1d8e16a806fb228e6258b648fbf9dcc8ecadb945f55dbfe5a0f5006a0cc88ed03004e1067818161304374b5ced8aa012
- SSDEEP
  
  1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOjFe:GhfxHNIreQm+Hi3
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence