f15defc27ef48cb3c890c47c8c2ddc49bbe5da6e9472d7d855f51b46577fedf3 | Triage

Sharing

General

Target

f15defc27ef48cb3c890c47c8c2ddc49bbe5da6e9472d7d855f51b46577fedf3N
Size

93KB
Sample

240920-efvwdsxbqg
MD5

63d996cb11af724d482a060802a512f0
SHA1

237898ec2287bbc94d83b11749bb5291ab5bd7ff
SHA256

f15defc27ef48cb3c890c47c8c2ddc49bbe5da6e9472d7d855f51b46577fedf3
SHA512

f01ff9ab9175505cdbb2d6fd1f0edf2efc0e8a3c6f81a5afa95fa09ae370f526e47f5da926ddb7b80c396e43d46d37b014d3da8e52bb85af9b627a0c07b71c49
SSDEEP

1536:L/nMA3VtmkrMk4yLAcREfauJ57PdN6zejfCTBtsRQzRkRLJzeLD9N0iQGRNQR8RK:L/MA3W6Mk4kBREfauJ5pAKjHezSJdEN2

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  f15defc27ef48cb3c890c47c8c2ddc49bbe5da6e9472d7d855f51b46577fedf3N
- Size
  
  93KB
- MD5
  
  63d996cb11af724d482a060802a512f0
- SHA1
  
  237898ec2287bbc94d83b11749bb5291ab5bd7ff
- SHA256
  
  f15defc27ef48cb3c890c47c8c2ddc49bbe5da6e9472d7d855f51b46577fedf3
- SHA512
  
  f01ff9ab9175505cdbb2d6fd1f0edf2efc0e8a3c6f81a5afa95fa09ae370f526e47f5da926ddb7b80c396e43d46d37b014d3da8e52bb85af9b627a0c07b71c49
- SSDEEP
  
  1536:L/nMA3VtmkrMk4yLAcREfauJ57PdN6zejfCTBtsRQzRkRLJzeLD9N0iQGRNQR8RK:L/MA3W6Mk4kBREfauJ5pAKjHezSJdEN2
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence