324e4abe653eb1818bd15a2bb9784c26698042533fe9bd25c03b05dc63d18b82 | Triage

Sharing

General

Target

324e4abe653eb1818bd15a2bb9784c26698042533fe9bd25c03b05dc63d18b82
Size

304KB
Sample

240920-xw8rasshrb
MD5

de854621930807282bbc195269d4b7e2
SHA1

ac29d72c43d8aec13ccae97ecff770f7fb97c494
SHA256

324e4abe653eb1818bd15a2bb9784c26698042533fe9bd25c03b05dc63d18b82
SHA512

382b7bee5533a42ff59f080e7de4943e7df93dd60e9856cc0e2b6c470719aff19f5dd94aa91e8e87d8a22a4e286b6a4d3fa6e598914798518f3e138ec35304c4
SSDEEP

6144:sVs0FOPcO7JfnrFVoXJtpNr1RgAaa6FlFlcOuLr2/24qXPAbgPBFpYrFVO/fnrF8:sVs0iJfnYdsWfna

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  324e4abe653eb1818bd15a2bb9784c26698042533fe9bd25c03b05dc63d18b82
- Size
  
  304KB
- MD5
  
  de854621930807282bbc195269d4b7e2
- SHA1
  
  ac29d72c43d8aec13ccae97ecff770f7fb97c494
- SHA256
  
  324e4abe653eb1818bd15a2bb9784c26698042533fe9bd25c03b05dc63d18b82
- SHA512
  
  382b7bee5533a42ff59f080e7de4943e7df93dd60e9856cc0e2b6c470719aff19f5dd94aa91e8e87d8a22a4e286b6a4d3fa6e598914798518f3e138ec35304c4
- SSDEEP
  
  6144:sVs0FOPcO7JfnrFVoXJtpNr1RgAaa6FlFlcOuLr2/24qXPAbgPBFpYrFVO/fnrF8:sVs0iJfnYdsWfna
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence