38cdc64cca3282e0683bf67f216fc3bafc706e18eec28ec440991de045bb197d | Triage

Sharing

General

Target

38cdc64cca3282e0683bf67f216fc3bafc706e18eec28ec440991de045bb197dN
Size

1.2MB
Sample

240920-wnvn2azcjf
MD5

7a520e21111e3a1edf034f8d8149b120
SHA1

feb84afff9c4bd21e00e18df9e31adc3d33a1982
SHA256

38cdc64cca3282e0683bf67f216fc3bafc706e18eec28ec440991de045bb197d
SHA512

edf0b9d3b784c777bd2a1e6a4c7efa8b4b1da9d9cfe8760da7e271f48f595d27ea6d14531226f0bc9508f537e407b3def14c449b6ab70b2c292db836b8f1c432
SSDEEP

6144:g4nie/Icl4yjThipmMH/gysNkvC8vA+XTv7FYUwMOFusQ+kJ3StWDKcGVoP:BFv4pnsKvNA+XTvZHWuEo3oW2tC

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  38cdc64cca3282e0683bf67f216fc3bafc706e18eec28ec440991de045bb197dN
- Size
  
  1.2MB
- MD5
  
  7a520e21111e3a1edf034f8d8149b120
- SHA1
  
  feb84afff9c4bd21e00e18df9e31adc3d33a1982
- SHA256
  
  38cdc64cca3282e0683bf67f216fc3bafc706e18eec28ec440991de045bb197d
- SHA512
  
  edf0b9d3b784c777bd2a1e6a4c7efa8b4b1da9d9cfe8760da7e271f48f595d27ea6d14531226f0bc9508f537e407b3def14c449b6ab70b2c292db836b8f1c432
- SSDEEP
  
  6144:g4nie/Icl4yjThipmMH/gysNkvC8vA+XTv7FYUwMOFusQ+kJ3StWDKcGVoP:BFv4pnsKvNA+XTvZHWuEo3oW2tC
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence