b02017c543a2c78ba99cd44568aa3bd1ca8e6207144e0052f144966c9bf9e867 | Triage

Sharing

General

Target

b02017c543a2c78ba99cd44568aa3bd1ca8e6207144e0052f144966c9bf9e867N
Size

56KB
Sample

240920-wb8ecszakl
MD5

79ecff877695981256e1ca32cf4df5e0
SHA1

f1d26c2ce6141cabfe997696a959b9ef8ad1fa52
SHA256

b02017c543a2c78ba99cd44568aa3bd1ca8e6207144e0052f144966c9bf9e867
SHA512

d7af5523a6bf386f419eba73cb04d57d78ab12d58aa9530460ec1590bb225318e40c2dfec8a73a785eb14009bf564a5104afd128943fbee3b8b3687aa64627c3
SSDEEP

768:lu7DUP3gPNLN2jurgwIwqOtCfrduJtZWmI4EGH5VsLvUVcVJwiZ6ST/1H59Xdnh:lZgPzs3HrduJrO4/eUS7CShZ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b02017c543a2c78ba99cd44568aa3bd1ca8e6207144e0052f144966c9bf9e867N
- Size
  
  56KB
- MD5
  
  79ecff877695981256e1ca32cf4df5e0
- SHA1
  
  f1d26c2ce6141cabfe997696a959b9ef8ad1fa52
- SHA256
  
  b02017c543a2c78ba99cd44568aa3bd1ca8e6207144e0052f144966c9bf9e867
- SHA512
  
  d7af5523a6bf386f419eba73cb04d57d78ab12d58aa9530460ec1590bb225318e40c2dfec8a73a785eb14009bf564a5104afd128943fbee3b8b3687aa64627c3
- SSDEEP
  
  768:lu7DUP3gPNLN2jurgwIwqOtCfrduJtZWmI4EGH5VsLvUVcVJwiZ6ST/1H59Xdnh:lZgPzs3HrduJrO4/eUS7CShZ
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence