8fb811fec4b9f4bbd0365f4763efbe2ec5ac32ec51ee32828354722bd5c1c0a5 | Triage

Sharing

General

Target

c5ec1b0fea8e869f1925ee2f48991280N
Size

186KB
Sample

240914-vdjy4sthqr
MD5

c5ec1b0fea8e869f1925ee2f48991280
SHA1

f9ee4b8b26595e903a9959be2125f10f6383956f
SHA256

8fb811fec4b9f4bbd0365f4763efbe2ec5ac32ec51ee32828354722bd5c1c0a5
SHA512

98edc2b1b26808cc1b3152142911e27fc9722c25bd61cd4102244f8c1d317fe59f2cd7641c32640d29f2cfecbbfa480b6131587f88aab9e1ccd3f0b9b946104f
SSDEEP

3072:KNCKHfBEIFa6AuLG7g/OD33OzGYJpD9r8XxrYnQg4sIgQxzjGG1wsKY:KNFJEwEDrD33sGyZ6YugQdjGG1wsKY

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c5ec1b0fea8e869f1925ee2f48991280N
- Size
  
  186KB
- MD5
  
  c5ec1b0fea8e869f1925ee2f48991280
- SHA1
  
  f9ee4b8b26595e903a9959be2125f10f6383956f
- SHA256
  
  8fb811fec4b9f4bbd0365f4763efbe2ec5ac32ec51ee32828354722bd5c1c0a5
- SHA512
  
  98edc2b1b26808cc1b3152142911e27fc9722c25bd61cd4102244f8c1d317fe59f2cd7641c32640d29f2cfecbbfa480b6131587f88aab9e1ccd3f0b9b946104f
- SSDEEP
  
  3072:KNCKHfBEIFa6AuLG7g/OD33OzGYJpD9r8XxrYnQg4sIgQxzjGG1wsKY:KNFJEwEDrD33sGyZ6YugQdjGG1wsKY
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence