d980e99e16bb66145910fca9ce375db7ae70d01675b7b0835f122b20527fed7f | Triage

Sharing

General

Target

d980e99e16bb66145910fca9ce375db7ae70d01675b7b0835f122b20527fed7f
Size

256KB
Sample

240914-pldjeatbnn
MD5

4dc5d920fc7e9dda6d2005e0dd6558f2
SHA1

82db804ecf138f9c2ef14706b48c027c947fd598
SHA256

d980e99e16bb66145910fca9ce375db7ae70d01675b7b0835f122b20527fed7f
SHA512

63c180aec360d7deb0e69c94b220a82fb4fb3ff7616ec3e1a3543ba1699f2606ac21b778786761053eae9ca6505921821e6987ea16d9351eadd32214c810b599
SSDEEP

6144:x1Eymqn8gM2nLg6UmKyIxLDXXoq9FJZCUmK/:58gM2nf32XXf9Do3M

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d980e99e16bb66145910fca9ce375db7ae70d01675b7b0835f122b20527fed7f
- Size
  
  256KB
- MD5
  
  4dc5d920fc7e9dda6d2005e0dd6558f2
- SHA1
  
  82db804ecf138f9c2ef14706b48c027c947fd598
- SHA256
  
  d980e99e16bb66145910fca9ce375db7ae70d01675b7b0835f122b20527fed7f
- SHA512
  
  63c180aec360d7deb0e69c94b220a82fb4fb3ff7616ec3e1a3543ba1699f2606ac21b778786761053eae9ca6505921821e6987ea16d9351eadd32214c810b599
- SSDEEP
  
  6144:x1Eymqn8gM2nLg6UmKyIxLDXXoq9FJZCUmK/:58gM2nf32XXf9Do3M
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence