dbe1a359764c6cfd7c7c02fc9a8f0f0f65a3cac7bc25e2c8c4d1f9e5eb732ef3 | Triage

Sharing

General

Target

aff249ad2928dc93872b17bfd5b41810N
Size

481KB
Sample

240914-jym1qatfmp
MD5

aff249ad2928dc93872b17bfd5b41810
SHA1

3982453cdeae1bed1bcf40e49eff80f0fdc80da8
SHA256

dbe1a359764c6cfd7c7c02fc9a8f0f0f65a3cac7bc25e2c8c4d1f9e5eb732ef3
SHA512

1c4a0de609e5a9fda29e9151d786473fd93376cc25886222024d54200fa8571e5f82fa0e472fbf8b4e4413a4b7dcb0ec1de60a6c8825e4ddf2aa73678b9a7544
SSDEEP

6144:O/DFYmTHdd/FM6234lKm3mo8Yvi4KsLTFM6234lKm3+ry+dBQ:8DFZTHd9FB24lwR45FB24l4++dBQ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  aff249ad2928dc93872b17bfd5b41810N
- Size
  
  481KB
- MD5
  
  aff249ad2928dc93872b17bfd5b41810
- SHA1
  
  3982453cdeae1bed1bcf40e49eff80f0fdc80da8
- SHA256
  
  dbe1a359764c6cfd7c7c02fc9a8f0f0f65a3cac7bc25e2c8c4d1f9e5eb732ef3
- SHA512
  
  1c4a0de609e5a9fda29e9151d786473fd93376cc25886222024d54200fa8571e5f82fa0e472fbf8b4e4413a4b7dcb0ec1de60a6c8825e4ddf2aa73678b9a7544
- SSDEEP
  
  6144:O/DFYmTHdd/FM6234lKm3mo8Yvi4KsLTFM6234lKm3+ry+dBQ:8DFZTHd9FB24lwR45FB24l4++dBQ
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence