0d2f0aa1e63f4e52a0db55a4cd790558d5e6fa31bde7101ab17754a5ec3f6e04 | Triage

Sharing

General

Target

0d2f0aa1e63f4e52a0db55a4cd790558d5e6fa31bde7101ab17754a5ec3f6e04
Size

89KB
Sample

240914-xb4xlsyhjl
MD5

94491a72fcd2af8058c70a98bfe2eb02
SHA1

58d3487a5163abf02a0952df31540aba7e134446
SHA256

0d2f0aa1e63f4e52a0db55a4cd790558d5e6fa31bde7101ab17754a5ec3f6e04
SHA512

4874bfd17d7fd744b2407998e13d824f44363d62f0035a012059095dc45139b62b8e157dab6e221223f3fe581e1cc0e3d385265611b8d23e5088bb8915b5d52b
SSDEEP

1536:4hQSnRvQiJgvbc0DtnMT+ss6A/Z+95DnS/mzSygcrlExkg8Fk:4h1nRx6Ag2E/Z+scrlakgwk

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0d2f0aa1e63f4e52a0db55a4cd790558d5e6fa31bde7101ab17754a5ec3f6e04
- Size
  
  89KB
- MD5
  
  94491a72fcd2af8058c70a98bfe2eb02
- SHA1
  
  58d3487a5163abf02a0952df31540aba7e134446
- SHA256
  
  0d2f0aa1e63f4e52a0db55a4cd790558d5e6fa31bde7101ab17754a5ec3f6e04
- SHA512
  
  4874bfd17d7fd744b2407998e13d824f44363d62f0035a012059095dc45139b62b8e157dab6e221223f3fe581e1cc0e3d385265611b8d23e5088bb8915b5d52b
- SSDEEP
  
  1536:4hQSnRvQiJgvbc0DtnMT+ss6A/Z+95DnS/mzSygcrlExkg8Fk:4h1nRx6Ag2E/Z+scrlakgwk
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence