b85528cc57fff2383f1b03392d149442debd6d4c0c69a30f459fa7231f3359d3 | Triage

Sharing

General

Target

f948c37851b2445c8ccf9f55df038f70N
Size

285KB
Sample

240914-rtc9qaygle
MD5

f948c37851b2445c8ccf9f55df038f70
SHA1

b5a6e8f61108db7717ea3cf4ab7497773ca9f3ed
SHA256

b85528cc57fff2383f1b03392d149442debd6d4c0c69a30f459fa7231f3359d3
SHA512

8e3f31598c9e8c9f9ef4047e6de5cb0e0f408a1a556875090098a10537432c5ce9076157cea3b2bf5e825d6241d4ea0c2c0febe2e6c30967479964d09ca4e4b7
SSDEEP

3072:xZ/hAclCrAxvbPZi9W8EefKVcbMloVRr3uMg0kAqSxYiJ2QM4GKch:P/hAqJvlio8ffKQIoi7tWa

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  f948c37851b2445c8ccf9f55df038f70N
- Size
  
  285KB
- MD5
  
  f948c37851b2445c8ccf9f55df038f70
- SHA1
  
  b5a6e8f61108db7717ea3cf4ab7497773ca9f3ed
- SHA256
  
  b85528cc57fff2383f1b03392d149442debd6d4c0c69a30f459fa7231f3359d3
- SHA512
  
  8e3f31598c9e8c9f9ef4047e6de5cb0e0f408a1a556875090098a10537432c5ce9076157cea3b2bf5e825d6241d4ea0c2c0febe2e6c30967479964d09ca4e4b7
- SSDEEP
  
  3072:xZ/hAclCrAxvbPZi9W8EefKVcbMloVRr3uMg0kAqSxYiJ2QM4GKch:P/hAqJvlio8ffKQIoi7tWa
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence