c72677d7fb6f1ac7211fd3fec6359b73fbac3998868a79bf33c2e69f91272d9f | Triage

Sharing

General

Target

c72677d7fb6f1ac7211fd3fec6359b73fbac3998868a79bf33c2e69f91272d9fN
Size

320KB
Sample

240920-fsvxlazekf
MD5

ce072f2c163ebe5b4e56c662e8256bf0
SHA1

1099e226546cd3a9abe9f98a3cabeef4f0125aaf
SHA256

c72677d7fb6f1ac7211fd3fec6359b73fbac3998868a79bf33c2e69f91272d9f
SHA512

ee8b2ac7c065d19b2ae522668934a2b352139895fd02d54043c40cdfb1c68fb78ebe239c08b34666c65b23de24398f7957b8182af0a7342e40b8d810e9260551
SSDEEP

3072:w6xi8u6g3Id+y8/41QUUZm8/41QrAoUZ4pWLB51jozFWLBggS2LHqN:DxXu6gYd0ZgZ0Wd/OWdPS2L8

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c72677d7fb6f1ac7211fd3fec6359b73fbac3998868a79bf33c2e69f91272d9fN
- Size
  
  320KB
- MD5
  
  ce072f2c163ebe5b4e56c662e8256bf0
- SHA1
  
  1099e226546cd3a9abe9f98a3cabeef4f0125aaf
- SHA256
  
  c72677d7fb6f1ac7211fd3fec6359b73fbac3998868a79bf33c2e69f91272d9f
- SHA512
  
  ee8b2ac7c065d19b2ae522668934a2b352139895fd02d54043c40cdfb1c68fb78ebe239c08b34666c65b23de24398f7957b8182af0a7342e40b8d810e9260551
- SSDEEP
  
  3072:w6xi8u6g3Id+y8/41QUUZm8/41QrAoUZ4pWLB51jozFWLBggS2LHqN:DxXu6gYd0ZgZ0Wd/OWdPS2L8
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence