9799b49ca8f642b2650139290c807b9f8b9ce6a8898d636b3b4222982935b2b8 | Triage

Sharing

General

Target

9799b49ca8f642b2650139290c807b9f8b9ce6a8898d636b3b4222982935b2b8
Size

1.4MB
Sample

240920-1htxrszama
MD5

692a617a6b2af5abcd5d74d2fd879616
SHA1

eab4a1060375bbe8ba94f23be7bc9015a38ca2cc
SHA256

9799b49ca8f642b2650139290c807b9f8b9ce6a8898d636b3b4222982935b2b8
SHA512

227071e666343ace17a757d00c777a195b7a58b8b5f863d48db4f8e67ddce93a146c6fae1fff010048381c812bf689ec380676fb6a7ac5747899483dd9875f78
SSDEEP

12288:uGSUR9Nd7CzXjOYpV6yYPbHCXwpnsKvNA+XTvZHWuEo3oWL5g:l3d7CzXjOYW3psKv2EvZHp3oWNg

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  9799b49ca8f642b2650139290c807b9f8b9ce6a8898d636b3b4222982935b2b8
- Size
  
  1.4MB
- MD5
  
  692a617a6b2af5abcd5d74d2fd879616
- SHA1
  
  eab4a1060375bbe8ba94f23be7bc9015a38ca2cc
- SHA256
  
  9799b49ca8f642b2650139290c807b9f8b9ce6a8898d636b3b4222982935b2b8
- SHA512
  
  227071e666343ace17a757d00c777a195b7a58b8b5f863d48db4f8e67ddce93a146c6fae1fff010048381c812bf689ec380676fb6a7ac5747899483dd9875f78
- SSDEEP
  
  12288:uGSUR9Nd7CzXjOYpV6yYPbHCXwpnsKvNA+XTvZHWuEo3oWL5g:l3d7CzXjOYW3psKv2EvZHp3oWNg
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence