0029d5608a9f5f9678052c58ed7ff7e1ce9f7757df4a31aa6ccd5b8e6b8b1672 | Triage

Sharing

General

Target

0029d5608a9f5f9678052c58ed7ff7e1ce9f7757df4a31aa6ccd5b8e6b8b1672N
Size

88KB
Sample

240919-payp7syall
MD5

b5b72c0c2bb52f657abfc233281f3220
SHA1

09de6b54317b406f984dcaf45d6b08dda2a46fd8
SHA256

0029d5608a9f5f9678052c58ed7ff7e1ce9f7757df4a31aa6ccd5b8e6b8b1672
SHA512

8b5c584058e7df57170c6be10dc9a68da35eb9a2ee3761d8db69dbbf8f552e6cddfe1d148a8c1cf6a344669af704af30118d4c5776970f3bb74e262d171a7b0d
SSDEEP

768:5vw9816thKQLroD4/wQkNrfrunMxVFA3V:lEG/0oDlbunMxVS3V

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  0029d5608a9f5f9678052c58ed7ff7e1ce9f7757df4a31aa6ccd5b8e6b8b1672N
- Size
  
  88KB
- MD5
  
  b5b72c0c2bb52f657abfc233281f3220
- SHA1
  
  09de6b54317b406f984dcaf45d6b08dda2a46fd8
- SHA256
  
  0029d5608a9f5f9678052c58ed7ff7e1ce9f7757df4a31aa6ccd5b8e6b8b1672
- SHA512
  
  8b5c584058e7df57170c6be10dc9a68da35eb9a2ee3761d8db69dbbf8f552e6cddfe1d148a8c1cf6a344669af704af30118d4c5776970f3bb74e262d171a7b0d
- SSDEEP
  
  768:5vw9816thKQLroD4/wQkNrfrunMxVFA3V:lEG/0oDlbunMxVS3V
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence