8ebbffe78d18c299c95796244e51cfdea2f7ec121242c68ef0a25886ed2f5256 | Triage

Sharing

General

Target

c5ec619d4e8acac448cf27ba5bbe5a30N
Size

322KB
Sample

240914-hnnzlasbjf
MD5

c5ec619d4e8acac448cf27ba5bbe5a30
SHA1

7ff0ab209b9d7f943c61b3d0aa0fb38fc0d23473
SHA256

8ebbffe78d18c299c95796244e51cfdea2f7ec121242c68ef0a25886ed2f5256
SHA512

cc324c89e9882c64a5a8d33ff7810e1a8ee7d530666d97911b1afce101a431e6193b82947cff32fdeb94fb202044c8c71e33b00fd3cb584bfb46f2bd428a8b24
SSDEEP

3072:LxM6ZdXGnPg3AjfXRu+WUneAoSVGZ3Odl:imZI8+A+WJYkO

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c5ec619d4e8acac448cf27ba5bbe5a30N
- Size
  
  322KB
- MD5
  
  c5ec619d4e8acac448cf27ba5bbe5a30
- SHA1
  
  7ff0ab209b9d7f943c61b3d0aa0fb38fc0d23473
- SHA256
  
  8ebbffe78d18c299c95796244e51cfdea2f7ec121242c68ef0a25886ed2f5256
- SHA512
  
  cc324c89e9882c64a5a8d33ff7810e1a8ee7d530666d97911b1afce101a431e6193b82947cff32fdeb94fb202044c8c71e33b00fd3cb584bfb46f2bd428a8b24
- SSDEEP
  
  3072:LxM6ZdXGnPg3AjfXRu+WUneAoSVGZ3Odl:imZI8+A+WJYkO
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence