6fa5b590c382ddd126c638f78ea762502a3d5771cb0ec7388bf4a48a824516d2 | Triage

Sharing

General

Target

6fa5b590c382ddd126c638f78ea762502a3d5771cb0ec7388bf4a48a824516d2N
Size

73KB
Sample

240919-mhv8yatdme
MD5

8df5d3e0a70bef830721c8ac92c22cd0
SHA1

ba0db0472e691b81f2bed97d90d5d9ec0697caa6
SHA256

6fa5b590c382ddd126c638f78ea762502a3d5771cb0ec7388bf4a48a824516d2
SHA512

28b00b2e6df1cf778a3336fa7a8719ec906d489b6d15716bf10f75e0b935cec7aab0c3a5273dcea28c9d915d8152ad7f23eeaba39705f07d523cb4a423cfca61
SSDEEP

1536:mdIL4B8BbfGgzHWr3nCXne70h+guCDXe5YMkhohBM:mdIL4B8N+g6CXne70h+guCDaUAM

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  6fa5b590c382ddd126c638f78ea762502a3d5771cb0ec7388bf4a48a824516d2N
- Size
  
  73KB
- MD5
  
  8df5d3e0a70bef830721c8ac92c22cd0
- SHA1
  
  ba0db0472e691b81f2bed97d90d5d9ec0697caa6
- SHA256
  
  6fa5b590c382ddd126c638f78ea762502a3d5771cb0ec7388bf4a48a824516d2
- SHA512
  
  28b00b2e6df1cf778a3336fa7a8719ec906d489b6d15716bf10f75e0b935cec7aab0c3a5273dcea28c9d915d8152ad7f23eeaba39705f07d523cb4a423cfca61
- SSDEEP
  
  1536:mdIL4B8BbfGgzHWr3nCXne70h+guCDXe5YMkhohBM:mdIL4B8N+g6CXne70h+guCDaUAM
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence