e576ea736cffa9ee1232e78c798bcd0759c28cf4a9644415c143749f2d12e1dd | Triage

Sharing

General

Target

e576ea736cffa9ee1232e78c798bcd0759c28cf4a9644415c143749f2d12e1ddN
Size

320KB
Sample

240920-xvj2jsshmr
MD5

d1f12aafeb3d9b001c83865a8e4d6030
SHA1

59670fe6a21f9c26e351724b56a433e23a345976
SHA256

e576ea736cffa9ee1232e78c798bcd0759c28cf4a9644415c143749f2d12e1dd
SHA512

82f9968e36a9580dabd11b7c8a2520d8828e78701aa37ff909868ed7ccd6f7d48afb7d62b9c45f37bdf25530d1ed329e28e9b93ca06c9a06bbb378ee505eaf17
SSDEEP

3072:jiDxE/8F7Ey8/41QUUZm8/41QrAoUZ4pWLB51jozFWLBggS2LHqN:j0K8F7GZgZ0Wd/OWdPS2L8

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  e576ea736cffa9ee1232e78c798bcd0759c28cf4a9644415c143749f2d12e1ddN
- Size
  
  320KB
- MD5
  
  d1f12aafeb3d9b001c83865a8e4d6030
- SHA1
  
  59670fe6a21f9c26e351724b56a433e23a345976
- SHA256
  
  e576ea736cffa9ee1232e78c798bcd0759c28cf4a9644415c143749f2d12e1dd
- SHA512
  
  82f9968e36a9580dabd11b7c8a2520d8828e78701aa37ff909868ed7ccd6f7d48afb7d62b9c45f37bdf25530d1ed329e28e9b93ca06c9a06bbb378ee505eaf17
- SSDEEP
  
  3072:jiDxE/8F7Ey8/41QUUZm8/41QrAoUZ4pWLB51jozFWLBggS2LHqN:j0K8F7GZgZ0Wd/OWdPS2L8
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence