936e04a96be509d048e6c8ad29d841a1807ec4745a3af8fb051b8a074bcd895a | Triage

Sharing

General

Target

936e04a96be509d048e6c8ad29d841a1807ec4745a3af8fb051b8a074bcd895aN
Size

91KB
Sample

240920-3afraatdre
MD5

be2bf11e483d75bba3c7fd146c9cf6a0
SHA1

277f532d8307eec02baf124b24c627e57a960fce
SHA256

936e04a96be509d048e6c8ad29d841a1807ec4745a3af8fb051b8a074bcd895a
SHA512

46e233359919d1ebd055183ae24a33ca58a41a4e782d36442485a3053001e8fe6bb8c9286b4ef310a7305c948e5894eacbed30d1bd93839a7a1d7b2c58f12831
SSDEEP

1536:vdowIkAkUtM9uTJg4vSmUEoX/7/RLl7OhoC0DF8kfolMx9H1rhKXVXLEYr/viVMi:v+kUtMuvS3JT/RLl7OhohF8yolYoYo/W

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  936e04a96be509d048e6c8ad29d841a1807ec4745a3af8fb051b8a074bcd895aN
- Size
  
  91KB
- MD5
  
  be2bf11e483d75bba3c7fd146c9cf6a0
- SHA1
  
  277f532d8307eec02baf124b24c627e57a960fce
- SHA256
  
  936e04a96be509d048e6c8ad29d841a1807ec4745a3af8fb051b8a074bcd895a
- SHA512
  
  46e233359919d1ebd055183ae24a33ca58a41a4e782d36442485a3053001e8fe6bb8c9286b4ef310a7305c948e5894eacbed30d1bd93839a7a1d7b2c58f12831
- SSDEEP
  
  1536:vdowIkAkUtM9uTJg4vSmUEoX/7/RLl7OhoC0DF8kfolMx9H1rhKXVXLEYr/viVMi:v+kUtMuvS3JT/RLl7OhohF8yolYoYo/W
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence