f6d353f88c09613a5b01c0bae2f54a957df936a4e1b092982e3429f05d05b897 | Triage

Sharing

General

Target

f6d353f88c09613a5b01c0bae2f54a957df936a4e1b092982e3429f05d05b897
Size

73KB
Sample

240914-rssb9ayckp
MD5

488e5e9fd5becc16b7c83779e3269c2c
SHA1

9b5d62d81eaf3e2258801f21b6f9c7f1a5a4bb72
SHA256

f6d353f88c09613a5b01c0bae2f54a957df936a4e1b092982e3429f05d05b897
SHA512

dec0a0c933a89c31840354cc8640ec5fe6a6cc11dc427f2530af56bb54ee46f925f4dd97c14ba7e15efd1d3b797b19d14501ac88edb7bb8694d5dd3e0b7df77d
SSDEEP

1536:gHcSWxLXCC/Qp7ZwlYzYrsVTV5YMkhohBM:gHpWxmCoQlYkYVTHUAM

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  f6d353f88c09613a5b01c0bae2f54a957df936a4e1b092982e3429f05d05b897
- Size
  
  73KB
- MD5
  
  488e5e9fd5becc16b7c83779e3269c2c
- SHA1
  
  9b5d62d81eaf3e2258801f21b6f9c7f1a5a4bb72
- SHA256
  
  f6d353f88c09613a5b01c0bae2f54a957df936a4e1b092982e3429f05d05b897
- SHA512
  
  dec0a0c933a89c31840354cc8640ec5fe6a6cc11dc427f2530af56bb54ee46f925f4dd97c14ba7e15efd1d3b797b19d14501ac88edb7bb8694d5dd3e0b7df77d
- SSDEEP
  
  1536:gHcSWxLXCC/Qp7ZwlYzYrsVTV5YMkhohBM:gHpWxmCoQlYkYVTHUAM
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence