1b3edb587a90c2eed4aa693954461354cf810804cdb7c8f60565a7a5a6fe3c1b | Triage

Sharing

General

Target

1b3edb587a90c2eed4aa693954461354cf810804cdb7c8f60565a7a5a6fe3c1b
Size

64KB
Sample

240914-xwwfza1cpe
MD5

71f2372ddf0c19095ee0d2f5fb987fa9
SHA1

2517de921ac3830e65e061af280e15f0b329faea
SHA256

1b3edb587a90c2eed4aa693954461354cf810804cdb7c8f60565a7a5a6fe3c1b
SHA512

905d4192e38f5f331ebb084e340e4daf814edfa44dc262c07579a5d1d33f88bbb2f44c45fd3ddfce65abc3229cb3f8ff1e589e2b96146dc4c32cf4b4c0d6140b
SSDEEP

1536:5sw1bEQyF9O5AA5VjhlVxWMN8PleO6XKhbMbt2:T0OVzjAQO6Xjt2

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  1b3edb587a90c2eed4aa693954461354cf810804cdb7c8f60565a7a5a6fe3c1b
- Size
  
  64KB
- MD5
  
  71f2372ddf0c19095ee0d2f5fb987fa9
- SHA1
  
  2517de921ac3830e65e061af280e15f0b329faea
- SHA256
  
  1b3edb587a90c2eed4aa693954461354cf810804cdb7c8f60565a7a5a6fe3c1b
- SHA512
  
  905d4192e38f5f331ebb084e340e4daf814edfa44dc262c07579a5d1d33f88bbb2f44c45fd3ddfce65abc3229cb3f8ff1e589e2b96146dc4c32cf4b4c0d6140b
- SSDEEP
  
  1536:5sw1bEQyF9O5AA5VjhlVxWMN8PleO6XKhbMbt2:T0OVzjAQO6Xjt2
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence