169cd7a5fa3225cdef7d95c970a5a4bdfd3aaf447d9e05fd23c885722a728144 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa30c8a1df02595e3972788872affb50N.exe
Size

576KB
Sample

240915-jknebstaqn
MD5

fa30c8a1df02595e3972788872affb50
SHA1

319307f881f3aae2e1060a79dbae79ef7019383b
SHA256

169cd7a5fa3225cdef7d95c970a5a4bdfd3aaf447d9e05fd23c885722a728144
SHA512

e7df2a09a135a1a22df1b7030409abf1ac3020af51a1151544b8b3a5798221b036521be8f6a7538a43e58a2b5e30f0554dd92a13f3948bdc23eb149e86c1eb25
SSDEEP

12288:BbH8JPqKGyXu1jGG1wsGeBgRTGAzciETdqvZNemWrsiLk6mqgSgRDO:pXKGyXsGG1wsLUT3IipX6

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  fa30c8a1df02595e3972788872affb50N.exe
- Size
  
  576KB
- MD5
  
  fa30c8a1df02595e3972788872affb50
- SHA1
  
  319307f881f3aae2e1060a79dbae79ef7019383b
- SHA256
  
  169cd7a5fa3225cdef7d95c970a5a4bdfd3aaf447d9e05fd23c885722a728144
- SHA512
  
  e7df2a09a135a1a22df1b7030409abf1ac3020af51a1151544b8b3a5798221b036521be8f6a7538a43e58a2b5e30f0554dd92a13f3948bdc23eb149e86c1eb25
- SSDEEP
  
  12288:BbH8JPqKGyXu1jGG1wsGeBgRTGAzciETdqvZNemWrsiLk6mqgSgRDO:pXKGyXsGG1wsLUT3IipX6
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence