b80ccafd5950aad30390ce088a782bbb9b1eb380a1df7445bc3ed504f09061a2 | Triage

Sharing

General

Target

b80ccafd5950aad30390ce088a782bbb9b1eb380a1df7445bc3ed504f09061a2N
Size

128KB
Sample

240920-kvp7cayble
MD5

9da9f13059ae7b15a5c25baf399073a0
SHA1

945eed54a86ef524790d557de0e8df3faf64fd55
SHA256

b80ccafd5950aad30390ce088a782bbb9b1eb380a1df7445bc3ed504f09061a2
SHA512

0673d0e5cdab05886b9c14eabd7f5b2c0b8205ae3b5bccb1f9ebd820780ec242e2260df2ec02d95f1cac19021fb0e1c58b9db912a68cbbb299d5431ad1bb04bf
SSDEEP

3072:EtUAhfWdQZh9tZVEX15teiGpOO1AerDtsr3vhqhEN4MAH+mbp:BO+iZDtZVEF5eOO1AelhEN4Mujp

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b80ccafd5950aad30390ce088a782bbb9b1eb380a1df7445bc3ed504f09061a2N
- Size
  
  128KB
- MD5
  
  9da9f13059ae7b15a5c25baf399073a0
- SHA1
  
  945eed54a86ef524790d557de0e8df3faf64fd55
- SHA256
  
  b80ccafd5950aad30390ce088a782bbb9b1eb380a1df7445bc3ed504f09061a2
- SHA512
  
  0673d0e5cdab05886b9c14eabd7f5b2c0b8205ae3b5bccb1f9ebd820780ec242e2260df2ec02d95f1cac19021fb0e1c58b9db912a68cbbb299d5431ad1bb04bf
- SSDEEP
  
  3072:EtUAhfWdQZh9tZVEX15teiGpOO1AerDtsr3vhqhEN4MAH+mbp:BO+iZDtZVEF5eOO1AelhEN4Mujp
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence