1de476805c5fe16ee4c470efaaaf2fada28bb2b2cbf0f6b22d714225dba2fb9b | Triage

Sharing

General

Target

1de476805c5fe16ee4c470efaaaf2fada28bb2b2cbf0f6b22d714225dba2fb9bN
Size

80KB
Sample

240920-nfct9atcke
MD5

b843ef7ce8efc2cf9559b47ab51c7e50
SHA1

ade37f0a3c944604ef4460e104f632803d14fb53
SHA256

1de476805c5fe16ee4c470efaaaf2fada28bb2b2cbf0f6b22d714225dba2fb9b
SHA512

8c000b954af18f8081c6c08985eb3cc1f07a91bde8649ec44042fcb0860e9186cbe6a2e44d338fd0529b09d21bea79202d2e0d145b0e7bf8cfb7c7e600cefcae
SSDEEP

1536:ylrlEalwsniftW6yq6g+gUZ4Y9SMNBSr6yiVXN+zL20gJi1i9:ylayiftW6rPIBS3iVXgzL20WKS

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  1de476805c5fe16ee4c470efaaaf2fada28bb2b2cbf0f6b22d714225dba2fb9bN
- Size
  
  80KB
- MD5
  
  b843ef7ce8efc2cf9559b47ab51c7e50
- SHA1
  
  ade37f0a3c944604ef4460e104f632803d14fb53
- SHA256
  
  1de476805c5fe16ee4c470efaaaf2fada28bb2b2cbf0f6b22d714225dba2fb9b
- SHA512
  
  8c000b954af18f8081c6c08985eb3cc1f07a91bde8649ec44042fcb0860e9186cbe6a2e44d338fd0529b09d21bea79202d2e0d145b0e7bf8cfb7c7e600cefcae
- SSDEEP
  
  1536:ylrlEalwsniftW6yq6g+gUZ4Y9SMNBSr6yiVXN+zL20gJi1i9:ylayiftW6rPIBS3iVXgzL20WKS
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence