cdad38d9e68ec30ec87c254c01c2029942f5ed48011250ee9debe2029f6171d9 | Triage

Sharing

General

Target

cdad38d9e68ec30ec87c254c01c2029942f5ed48011250ee9debe2029f6171d9N
Size

64KB
Sample

240920-w1kplazhpa
MD5

e970ea7685942608f6c85794ad0525b0
SHA1

5a28bbf621dfbe9a485d1c42524de5b8ab0c24b7
SHA256

cdad38d9e68ec30ec87c254c01c2029942f5ed48011250ee9debe2029f6171d9
SHA512

8cd809bbae6f175c8c5b58c38ca66804db05c01c4f9361d6d2e81c4dbec1546a60b881f13850bd67aecb8753ed1380f38b4ea8398a389e20bde1859ebd6ab360
SSDEEP

1536:P1I7Nd4IORXf5UeWcRd44losC4tTUXruCHcpzt/Idn:tI7NfuXWDAxoHgvpFwn

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  cdad38d9e68ec30ec87c254c01c2029942f5ed48011250ee9debe2029f6171d9N
- Size
  
  64KB
- MD5
  
  e970ea7685942608f6c85794ad0525b0
- SHA1
  
  5a28bbf621dfbe9a485d1c42524de5b8ab0c24b7
- SHA256
  
  cdad38d9e68ec30ec87c254c01c2029942f5ed48011250ee9debe2029f6171d9
- SHA512
  
  8cd809bbae6f175c8c5b58c38ca66804db05c01c4f9361d6d2e81c4dbec1546a60b881f13850bd67aecb8753ed1380f38b4ea8398a389e20bde1859ebd6ab360
- SSDEEP
  
  1536:P1I7Nd4IORXf5UeWcRd44losC4tTUXruCHcpzt/Idn:tI7NfuXWDAxoHgvpFwn
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence