045d954fcce0f7fdef54a12afec2b7fb875680cc12da3ce0c5f61d5a60977a29 | Triage

Sharing

General

Target

045d954fcce0f7fdef54a12afec2b7fb875680cc12da3ce0c5f61d5a60977a29N
Size

73KB
Sample

240920-wlh78azarf
MD5

d046bc36ecdae25d15f74a28a8a17fb0
SHA1

4c875161ab671b1508e729a6e6e202c21e7ec83c
SHA256

045d954fcce0f7fdef54a12afec2b7fb875680cc12da3ce0c5f61d5a60977a29
SHA512

27f2dbc49cd0a9aba5041f3ecd1bc659348d9c9f3cba136fe61e8caf5d29a345076de872c7a937dd2cb37114ff443bffa9c8ad3c2bbe79eeeb91524ab9c2e3de
SSDEEP

1536:fzWE3os8QpakZqtNKoaEm778blm5YMkhohBM:fzWEY5eawqKoaEmYkUAM

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  045d954fcce0f7fdef54a12afec2b7fb875680cc12da3ce0c5f61d5a60977a29N
- Size
  
  73KB
- MD5
  
  d046bc36ecdae25d15f74a28a8a17fb0
- SHA1
  
  4c875161ab671b1508e729a6e6e202c21e7ec83c
- SHA256
  
  045d954fcce0f7fdef54a12afec2b7fb875680cc12da3ce0c5f61d5a60977a29
- SHA512
  
  27f2dbc49cd0a9aba5041f3ecd1bc659348d9c9f3cba136fe61e8caf5d29a345076de872c7a937dd2cb37114ff443bffa9c8ad3c2bbe79eeeb91524ab9c2e3de
- SSDEEP
  
  1536:fzWE3os8QpakZqtNKoaEm778blm5YMkhohBM:fzWEY5eawqKoaEmYkUAM
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence