ab7991c1205ee15277cec2b9c7839c1fce1ba0d47a1ae10a8edacb574f0afd08 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab7991c1205ee15277cec2b9c7839c1fce1ba0d47a1ae10a8edacb574f0afd08
Size

128KB
Sample

240915-a37q9awfpd
MD5

078dc07a2bbcfd2d7f908e24506d86dd
SHA1

87527c7951ad1bdbcdb87675648637a93e0389d0
SHA256

ab7991c1205ee15277cec2b9c7839c1fce1ba0d47a1ae10a8edacb574f0afd08
SHA512

75d4a752f9cd744140582adfadca5b927d9ea46d0899ab3d4f104b4d86e4699273ba1a34630b4bfc0ff9218d673abdc90c8facd0f2143a0340e94561b3d14370
SSDEEP

3072:KRi7LKgGdIEzlJ9IDlRxyhTbhgu+tAcrbFAJc+i:KRwKgGdIEzlsDshsrtMk

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ab7991c1205ee15277cec2b9c7839c1fce1ba0d47a1ae10a8edacb574f0afd08
- Size
  
  128KB
- MD5
  
  078dc07a2bbcfd2d7f908e24506d86dd
- SHA1
  
  87527c7951ad1bdbcdb87675648637a93e0389d0
- SHA256
  
  ab7991c1205ee15277cec2b9c7839c1fce1ba0d47a1ae10a8edacb574f0afd08
- SHA512
  
  75d4a752f9cd744140582adfadca5b927d9ea46d0899ab3d4f104b4d86e4699273ba1a34630b4bfc0ff9218d673abdc90c8facd0f2143a0340e94561b3d14370
- SSDEEP
  
  3072:KRi7LKgGdIEzlJ9IDlRxyhTbhgu+tAcrbFAJc+i:KRwKgGdIEzlsDshsrtMk
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence