031b293b63b8f0c899da68b560eecfbebe8570097c37d964cb9b05bfc83c9588 | Triage

Sharing

General

Target

031b293b63b8f0c899da68b560eecfbebe8570097c37d964cb9b05bfc83c9588
Size

470KB
Sample

240920-wqp7bszfmm
MD5

e2f327000b16959d93224170a51e5fe6
SHA1

f358e501e39d95b52192d37c8278afafadf458c8
SHA256

031b293b63b8f0c899da68b560eecfbebe8570097c37d964cb9b05bfc83c9588
SHA512

3d263a6a0c4a856aff9e25c38da5a3ac79923199e0f47dd9a0eb7f3be7fdd96e24ee9e89692b51a208d3400231ea3ab8c88d1736fd739cd6b467f1fa86434e19
SSDEEP

12288:kt159/Qc8QVj94nLiFzN3b7CUq1u2ztB1XQKTQInqyS6Rm6TIJ3l7DurTG9c8QVH:61594

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  031b293b63b8f0c899da68b560eecfbebe8570097c37d964cb9b05bfc83c9588
- Size
  
  470KB
- MD5
  
  e2f327000b16959d93224170a51e5fe6
- SHA1
  
  f358e501e39d95b52192d37c8278afafadf458c8
- SHA256
  
  031b293b63b8f0c899da68b560eecfbebe8570097c37d964cb9b05bfc83c9588
- SHA512
  
  3d263a6a0c4a856aff9e25c38da5a3ac79923199e0f47dd9a0eb7f3be7fdd96e24ee9e89692b51a208d3400231ea3ab8c88d1736fd739cd6b467f1fa86434e19
- SSDEEP
  
  12288:kt159/Qc8QVj94nLiFzN3b7CUq1u2ztB1XQKTQInqyS6Rm6TIJ3l7DurTG9c8QVH:61594
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence