8f0e3c07e418f95f09c8299dcd0f99d5f086b70d6a0f2facbdc5b56b8fa7faef | Triage

Sharing

General

Target

8f0e3c07e418f95f09c8299dcd0f99d5f086b70d6a0f2facbdc5b56b8fa7faefN
Size

432KB
Sample

240920-r5expasdjl
MD5

fccbca8f732ef8f9ffbd2deaa34d8930
SHA1

c511e164d87b9cf0bad08be28ea263febc40f5c5
SHA256

8f0e3c07e418f95f09c8299dcd0f99d5f086b70d6a0f2facbdc5b56b8fa7faef
SHA512

a0595ef7e8a58d43b38555c93567743c4bd0870106aa0803ec58b248700a73d597590ff89cfc2679f3a74f604e22a4032b842ff413bfdcaeafca17de0096cf91
SSDEEP

6144:zrzJD+BehzXjOYpui6yYPaIGckpyWO63t5YNpui6yYP:bNqCzXjOYpV6yYPI3cpV6yYP

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8f0e3c07e418f95f09c8299dcd0f99d5f086b70d6a0f2facbdc5b56b8fa7faefN
- Size
  
  432KB
- MD5
  
  fccbca8f732ef8f9ffbd2deaa34d8930
- SHA1
  
  c511e164d87b9cf0bad08be28ea263febc40f5c5
- SHA256
  
  8f0e3c07e418f95f09c8299dcd0f99d5f086b70d6a0f2facbdc5b56b8fa7faef
- SHA512
  
  a0595ef7e8a58d43b38555c93567743c4bd0870106aa0803ec58b248700a73d597590ff89cfc2679f3a74f604e22a4032b842ff413bfdcaeafca17de0096cf91
- SSDEEP
  
  6144:zrzJD+BehzXjOYpui6yYPaIGckpyWO63t5YNpui6yYP:bNqCzXjOYpV6yYPI3cpV6yYP
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence