2b6160b66405385d5d51d75797ca7ae758aaedf5c64e5399cda89dcaf3c68c32 | Triage

Sharing

General

Target

2b6160b66405385d5d51d75797ca7ae758aaedf5c64e5399cda89dcaf3c68c32N
Size

188KB
Sample

240920-3prr4avclb
MD5

f1ba0139c4bc2b71610f3f17a528a140
SHA1

a57440de2b36439ace5a432b9770a8ce9917fcf0
SHA256

2b6160b66405385d5d51d75797ca7ae758aaedf5c64e5399cda89dcaf3c68c32
SHA512

9c6b2f42113d1cf35297027b728a7f67b526d1cb2135b17cc978db8d15dcb50bcf5d66bcc26be952a056387b98389587f657e734bbcb132e7a471f5261437379
SSDEEP

3072:4KY0wjDkQpQVhuZRWj1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSKrDco:48w/hpnWj1AelhEN4MujGJoSoDco

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  2b6160b66405385d5d51d75797ca7ae758aaedf5c64e5399cda89dcaf3c68c32N
- Size
  
  188KB
- MD5
  
  f1ba0139c4bc2b71610f3f17a528a140
- SHA1
  
  a57440de2b36439ace5a432b9770a8ce9917fcf0
- SHA256
  
  2b6160b66405385d5d51d75797ca7ae758aaedf5c64e5399cda89dcaf3c68c32
- SHA512
  
  9c6b2f42113d1cf35297027b728a7f67b526d1cb2135b17cc978db8d15dcb50bcf5d66bcc26be952a056387b98389587f657e734bbcb132e7a471f5261437379
- SSDEEP
  
  3072:4KY0wjDkQpQVhuZRWj1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSKrDco:48w/hpnWj1AelhEN4MujGJoSoDco
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence