2ad13a954470be70ef212b64de1d4b0bb09c2d2b5af22e6792ed55d01df5788d | Triage

Sharing

General

Target

2ad13a954470be70ef212b64de1d4b0bb09c2d2b5af22e6792ed55d01df5788dN
Size

9.6MB
Sample

240919-hfe2qawbkn
MD5

c0564b68734ba347816a60f257f65a00
SHA1

77b8bd5f2099defce01cbe1658aedc85aa5f896e
SHA256

2ad13a954470be70ef212b64de1d4b0bb09c2d2b5af22e6792ed55d01df5788d
SHA512

7335c5a1abdfd4284d1aaf8ec4cdee130e221d1cb3ee3ea01cf45b0336277c6e3c0f458a3f3ae0f99a554650b33562940508573c85613a185f1ce0a77009c266
SSDEEP

196608:V7qnhgJuP3LAhCiVX5WvrOA1oMuWr45hrr2S:uS+Le+eJWGhrr2S

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  2ad13a954470be70ef212b64de1d4b0bb09c2d2b5af22e6792ed55d01df5788dN
- Size
  
  9.6MB
- MD5
  
  c0564b68734ba347816a60f257f65a00
- SHA1
  
  77b8bd5f2099defce01cbe1658aedc85aa5f896e
- SHA256
  
  2ad13a954470be70ef212b64de1d4b0bb09c2d2b5af22e6792ed55d01df5788d
- SHA512
  
  7335c5a1abdfd4284d1aaf8ec4cdee130e221d1cb3ee3ea01cf45b0336277c6e3c0f458a3f3ae0f99a554650b33562940508573c85613a185f1ce0a77009c266
- SSDEEP
  
  196608:V7qnhgJuP3LAhCiVX5WvrOA1oMuWr45hrr2S:uS+Le+eJWGhrr2S
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence