ed6fdf897e8ff7ce06c41373b05f5d39cdc022c88049f51cc5781052ed529320 | Triage

Sharing

General

Target

ed6fdf897e8ff7ce06c41373b05f5d39cdc022c88049f51cc5781052ed529320
Size

93KB
Sample

240919-dnwbfsxgmg
MD5

3c0cceabc2f0d089c8ffe6bebb465dfa
SHA1

9214936f72e6bfd4cc36a49250640086d9152ac7
SHA256

ed6fdf897e8ff7ce06c41373b05f5d39cdc022c88049f51cc5781052ed529320
SHA512

b320c2ce0e34d670b4ecd177cb42f066af966ad42a6ec3880f24bc540359f42282874ebc897a6412d2e491aaac79e5e44a4c7c8c6068dc643ce9bda45fb1ae5d
SSDEEP

1536:N+EpZHIA05rzm9iJ0VQ14FmFeOkULURidyUwd5qsaMiwihtIbbpkp:Nn5yki+S4FMeOkULURid3wd5qdMiwaIu

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ed6fdf897e8ff7ce06c41373b05f5d39cdc022c88049f51cc5781052ed529320
- Size
  
  93KB
- MD5
  
  3c0cceabc2f0d089c8ffe6bebb465dfa
- SHA1
  
  9214936f72e6bfd4cc36a49250640086d9152ac7
- SHA256
  
  ed6fdf897e8ff7ce06c41373b05f5d39cdc022c88049f51cc5781052ed529320
- SHA512
  
  b320c2ce0e34d670b4ecd177cb42f066af966ad42a6ec3880f24bc540359f42282874ebc897a6412d2e491aaac79e5e44a4c7c8c6068dc643ce9bda45fb1ae5d
- SSDEEP
  
  1536:N+EpZHIA05rzm9iJ0VQ14FmFeOkULURidyUwd5qsaMiwihtIbbpkp:Nn5yki+S4FMeOkULURid3wd5qdMiwaIu
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence