f0495f74781d1c3dc8e120e762237ae7b8ad5a6675f2105f93a7fb4a6e80fa7b | Triage

Sharing

General

Target

f0495f74781d1c3dc8e120e762237ae7b8ad5a6675f2105f93a7fb4a6e80fa7bN
Size

89KB
Sample

240920-nldczatela
MD5

b41647ccd2b3492bd5a5b4d2e006ada0
SHA1

3c117535d12a9d2445db7f8e046590a287dbd0a6
SHA256

f0495f74781d1c3dc8e120e762237ae7b8ad5a6675f2105f93a7fb4a6e80fa7b
SHA512

63bd22db67e647edcaa00cfc7d0a609a47fc5d14a6f3871c2e7bcb464fb882c375be85313763dc8c10d1f4be345aee9372047558157ca6cf6b2febee9ec0d036
SSDEEP

1536:BzWWGG8nFfAUMVLHtnCesPqFmr2xycDc4un4qaUIcelExkg8F:BzW/F9ALMxqQgvvuGcelakgw

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  f0495f74781d1c3dc8e120e762237ae7b8ad5a6675f2105f93a7fb4a6e80fa7bN
- Size
  
  89KB
- MD5
  
  b41647ccd2b3492bd5a5b4d2e006ada0
- SHA1
  
  3c117535d12a9d2445db7f8e046590a287dbd0a6
- SHA256
  
  f0495f74781d1c3dc8e120e762237ae7b8ad5a6675f2105f93a7fb4a6e80fa7b
- SHA512
  
  63bd22db67e647edcaa00cfc7d0a609a47fc5d14a6f3871c2e7bcb464fb882c375be85313763dc8c10d1f4be345aee9372047558157ca6cf6b2febee9ec0d036
- SSDEEP
  
  1536:BzWWGG8nFfAUMVLHtnCesPqFmr2xycDc4un4qaUIcelExkg8F:BzW/F9ALMxqQgvvuGcelakgw
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence