b617e8ab65edb954c4434bd351bfb4e98303ff06e04e49b6015a14a561677d68 | Triage

Sharing

General

Target

b617e8ab65edb954c4434bd351bfb4e98303ff06e04e49b6015a14a561677d68N
Size

56KB
Sample

240919-gqvdqavalr
MD5

e304dc0c6824de4fc400bd56bf359f90
SHA1

62154a4e8c95b1c0695749c06ae2eca01fefb801
SHA256

b617e8ab65edb954c4434bd351bfb4e98303ff06e04e49b6015a14a561677d68
SHA512

2d5d06a2605ee9514635790712faaf24d2b9489d6bf5813b3c098b2b5b72c1b9e403d6d5f63aa89cee64a37fa1ec2b1c85e6cf43dca9d6bc94b8fb7daedc87ee
SSDEEP

1536:lyYy6aOvIujeRy6gEdhoUprURXAoSoNF:Q152IPRy9ErURLRF

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b617e8ab65edb954c4434bd351bfb4e98303ff06e04e49b6015a14a561677d68N
- Size
  
  56KB
- MD5
  
  e304dc0c6824de4fc400bd56bf359f90
- SHA1
  
  62154a4e8c95b1c0695749c06ae2eca01fefb801
- SHA256
  
  b617e8ab65edb954c4434bd351bfb4e98303ff06e04e49b6015a14a561677d68
- SHA512
  
  2d5d06a2605ee9514635790712faaf24d2b9489d6bf5813b3c098b2b5b72c1b9e403d6d5f63aa89cee64a37fa1ec2b1c85e6cf43dca9d6bc94b8fb7daedc87ee
- SSDEEP
  
  1536:lyYy6aOvIujeRy6gEdhoUprURXAoSoNF:Q152IPRy9ErURLRF
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence