1e05962fe6a8dd015a0abd46e896fe9b86f6d7ae68eca0412cf033b4d539e734 | Triage

Sharing

General

Target

1e05962fe6a8dd015a0abd46e896fe9b86f6d7ae68eca0412cf033b4d539e734N
Size

9.9MB
Sample

240919-hgqjvavhme
MD5

8b333d82d155fa98d1673371a7518a90
SHA1

f8fbf6b8cfa81226badd460b5758a974b63719dd
SHA256

1e05962fe6a8dd015a0abd46e896fe9b86f6d7ae68eca0412cf033b4d539e734
SHA512

1a6c4dccad3852feed08cb7eaf10149889e2619450a0873e8e33b0e26134fd993bd10ec736d3496a62ebd420767273690a4443c721e1a2d0bc58154fe175acad
SSDEEP

196608:7HqnhgJuP3LAhCiVXCWeZLsA1oMuWr45hrr2P:US+LVReJWGhrr2P

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  1e05962fe6a8dd015a0abd46e896fe9b86f6d7ae68eca0412cf033b4d539e734N
- Size
  
  9.9MB
- MD5
  
  8b333d82d155fa98d1673371a7518a90
- SHA1
  
  f8fbf6b8cfa81226badd460b5758a974b63719dd
- SHA256
  
  1e05962fe6a8dd015a0abd46e896fe9b86f6d7ae68eca0412cf033b4d539e734
- SHA512
  
  1a6c4dccad3852feed08cb7eaf10149889e2619450a0873e8e33b0e26134fd993bd10ec736d3496a62ebd420767273690a4443c721e1a2d0bc58154fe175acad
- SSDEEP
  
  196608:7HqnhgJuP3LAhCiVXCWeZLsA1oMuWr45hrr2P:US+LVReJWGhrr2P
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence