a8f6608f3aec324d712919c04bdbe1d17735415b553fee6ae4447f1aa414f87a | Triage

Sharing

General

Target

a8f6608f3aec324d712919c04bdbe1d17735415b553fee6ae4447f1aa414f87aN
Size

80KB
Sample

240920-q3phnszamh
MD5

2fc0f9da1b6c2bd55f53ed9e1f148b80
SHA1

83e92ca11df80824f93104bbcb58f8f274099b1c
SHA256

a8f6608f3aec324d712919c04bdbe1d17735415b553fee6ae4447f1aa414f87a
SHA512

e3ad2b8c51de691a2e8969da5339f17ccbbd178134763a07725613248869abccc0d15bce98e5fb72bc13d2a89ac76cb39a43d5b2c459f35f6dcd525977aefa9c
SSDEEP

1536:2TL/uGZNulVRx2m6bp9BVT5J2i75YMkhohBE8VGh:hEIlVRx3AhT5JzdUAEQGh

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  a8f6608f3aec324d712919c04bdbe1d17735415b553fee6ae4447f1aa414f87aN
- Size
  
  80KB
- MD5
  
  2fc0f9da1b6c2bd55f53ed9e1f148b80
- SHA1
  
  83e92ca11df80824f93104bbcb58f8f274099b1c
- SHA256
  
  a8f6608f3aec324d712919c04bdbe1d17735415b553fee6ae4447f1aa414f87a
- SHA512
  
  e3ad2b8c51de691a2e8969da5339f17ccbbd178134763a07725613248869abccc0d15bce98e5fb72bc13d2a89ac76cb39a43d5b2c459f35f6dcd525977aefa9c
- SSDEEP
  
  1536:2TL/uGZNulVRx2m6bp9BVT5J2i75YMkhohBE8VGh:hEIlVRx3AhT5JzdUAEQGh
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence