a5098be52d13d7dfb0324515d5ae6c5fad3b994d00c8dcc3dc62d804bc4b4d92 | Triage

Sharing

General

Target

a5098be52d13d7dfb0324515d5ae6c5fad3b994d00c8dcc3dc62d804bc4b4d92N
Size

377KB
Sample

240920-fpvseszcra
MD5

69a46daf2e5d1db7de6d0bfc4f56a480
SHA1

7a8bc607bf856cbf1ed7ea052c392ce1b5e78506
SHA256

a5098be52d13d7dfb0324515d5ae6c5fad3b994d00c8dcc3dc62d804bc4b4d92
SHA512

8db5eaa435c1aae8315e767456fa630ce4aff012629ddac03314587426c978a03695dc38b6b195b7ea0b3229d17fa1a5fccc9e391115bbe49e6f7ee1571bf228
SSDEEP

6144:NPl+aT0o6Np5OBGSgnohijgAUv5fKx/SgnohignC5V:BNYrO+dMTv5i1dayV

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  a5098be52d13d7dfb0324515d5ae6c5fad3b994d00c8dcc3dc62d804bc4b4d92N
- Size
  
  377KB
- MD5
  
  69a46daf2e5d1db7de6d0bfc4f56a480
- SHA1
  
  7a8bc607bf856cbf1ed7ea052c392ce1b5e78506
- SHA256
  
  a5098be52d13d7dfb0324515d5ae6c5fad3b994d00c8dcc3dc62d804bc4b4d92
- SHA512
  
  8db5eaa435c1aae8315e767456fa630ce4aff012629ddac03314587426c978a03695dc38b6b195b7ea0b3229d17fa1a5fccc9e391115bbe49e6f7ee1571bf228
- SSDEEP
  
  6144:NPl+aT0o6Np5OBGSgnohijgAUv5fKx/SgnohignC5V:BNYrO+dMTv5i1dayV
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence