8a3df16f78eaaf08ff288766f4396e44ec203165c292fea1bc3b2e259c5cc914 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e6cffb3414e767b9d7a7efa0e8af5810N.exe
Size

790KB
Sample

240915-h5eggs1hrc
MD5

e6cffb3414e767b9d7a7efa0e8af5810
SHA1

525dc5432d04394076db7e10064d8f992e52e922
SHA256

8a3df16f78eaaf08ff288766f4396e44ec203165c292fea1bc3b2e259c5cc914
SHA512

f2b61e43dd0b9eebb15c800feb3725513fb0e3e7c2eb0f48c89d7a95bca8f42841a8b9fbf3baa27a0f416cd61d080a8ead6651215456691729bd5b32fb1b193d
SSDEEP

12288:2rNWgpFB24lA87g7/VycgE81lgxaa79y:QNh5PBoIlg17o

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  e6cffb3414e767b9d7a7efa0e8af5810N.exe
- Size
  
  790KB
- MD5
  
  e6cffb3414e767b9d7a7efa0e8af5810
- SHA1
  
  525dc5432d04394076db7e10064d8f992e52e922
- SHA256
  
  8a3df16f78eaaf08ff288766f4396e44ec203165c292fea1bc3b2e259c5cc914
- SHA512
  
  f2b61e43dd0b9eebb15c800feb3725513fb0e3e7c2eb0f48c89d7a95bca8f42841a8b9fbf3baa27a0f416cd61d080a8ead6651215456691729bd5b32fb1b193d
- SSDEEP
  
  12288:2rNWgpFB24lA87g7/VycgE81lgxaa79y:QNh5PBoIlg17o
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence