e8f6b96b253d4734cd5840cf16ccd0b2493d2cfb92c2b0b8a12ae7ba22b2c272 | Triage

Sharing

General

Target

e8f6b96b253d4734cd5840cf16ccd0b2493d2cfb92c2b0b8a12ae7ba22b2c272
Size

487KB
Sample

240920-3dqqnatfma
MD5

a6cdd721594e5f6daa7f24a14f5183c1
SHA1

04eefbf598975a9d8b393769782d5dc5a4c8e235
SHA256

e8f6b96b253d4734cd5840cf16ccd0b2493d2cfb92c2b0b8a12ae7ba22b2c272
SHA512

0aa8b765b6308f485439e2751a32b999e6ddc6bc274a369f46f35197aa448a8b3578a28d52c74ba394280770a0d69b58f0cc28594177729a6ebd7560c46a7ca5
SSDEEP

6144:88PmmhI2y/JAQ///NR5fLYG3eujPQ///NR5f:jyTx/NcZ7/N

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  e8f6b96b253d4734cd5840cf16ccd0b2493d2cfb92c2b0b8a12ae7ba22b2c272
- Size
  
  487KB
- MD5
  
  a6cdd721594e5f6daa7f24a14f5183c1
- SHA1
  
  04eefbf598975a9d8b393769782d5dc5a4c8e235
- SHA256
  
  e8f6b96b253d4734cd5840cf16ccd0b2493d2cfb92c2b0b8a12ae7ba22b2c272
- SHA512
  
  0aa8b765b6308f485439e2751a32b999e6ddc6bc274a369f46f35197aa448a8b3578a28d52c74ba394280770a0d69b58f0cc28594177729a6ebd7560c46a7ca5
- SSDEEP
  
  6144:88PmmhI2y/JAQ///NR5fLYG3eujPQ///NR5f:jyTx/NcZ7/N
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence