8c99a42f59f7bc7d7247d7a16e1c4c309506ec393dd535b17a1bfe4c2b73456b | Triage

Sharing

General

Target

8c99a42f59f7bc7d7247d7a16e1c4c309506ec393dd535b17a1bfe4c2b73456b
Size

96KB
Sample

240920-z7phxayfln
MD5

abfdd5682353e30eeccf4316793710e2
SHA1

f03767ab6c8526922077ae782877485db38643e5
SHA256

8c99a42f59f7bc7d7247d7a16e1c4c309506ec393dd535b17a1bfe4c2b73456b
SHA512

37d0a1f8fbe132c4aef3d5ee30942ca0200039a68460f318474f04287300e30a1319f688ef791b0cec70a2379be54e15973f91800c40c451cefdf76ddba3c437
SSDEEP

1536:gCxLW1pYOGaJLJ5EOlUpplxAaQ/3fPmUcC5cdkkOM6bOLXi8PmCofGy:HxLW1NJdeOlglxU/3ftd6dkkDrLXfzot

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8c99a42f59f7bc7d7247d7a16e1c4c309506ec393dd535b17a1bfe4c2b73456b
- Size
  
  96KB
- MD5
  
  abfdd5682353e30eeccf4316793710e2
- SHA1
  
  f03767ab6c8526922077ae782877485db38643e5
- SHA256
  
  8c99a42f59f7bc7d7247d7a16e1c4c309506ec393dd535b17a1bfe4c2b73456b
- SHA512
  
  37d0a1f8fbe132c4aef3d5ee30942ca0200039a68460f318474f04287300e30a1319f688ef791b0cec70a2379be54e15973f91800c40c451cefdf76ddba3c437
- SSDEEP
  
  1536:gCxLW1pYOGaJLJ5EOlUpplxAaQ/3fPmUcC5cdkkOM6bOLXi8PmCofGy:HxLW1NJdeOlglxU/3ftd6dkkDrLXfzot
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence