1e0f0650b87ae48310f1213d5cda7f14311c1e0f99b52255c6f9cc73e5afb1d9 | Triage

Sharing

General

Target

1e0f0650b87ae48310f1213d5cda7f14311c1e0f99b52255c6f9cc73e5afb1d9N
Size

275KB
Sample

240921-2jfbfaxgre
MD5

3aea9c6ac1d30ab4dc310af22d46dd60
SHA1

d150e80cd61e6c8662bfce80d8f55364069cd37b
SHA256

1e0f0650b87ae48310f1213d5cda7f14311c1e0f99b52255c6f9cc73e5afb1d9
SHA512

a4619f360ff5a989a7fdbe5aa0f8086f43bb3cef12196237c6e1b576beebce2094fc517efc24af56c4a64e80059e80d945b63d96e658dac233595fbc847ec667
SSDEEP

6144:4r6Pb2xxDgzL2V4cpC0L4AY7YWT63cpC0L4f:4r6PL2/p9i7drp9S

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  1e0f0650b87ae48310f1213d5cda7f14311c1e0f99b52255c6f9cc73e5afb1d9N
- Size
  
  275KB
- MD5
  
  3aea9c6ac1d30ab4dc310af22d46dd60
- SHA1
  
  d150e80cd61e6c8662bfce80d8f55364069cd37b
- SHA256
  
  1e0f0650b87ae48310f1213d5cda7f14311c1e0f99b52255c6f9cc73e5afb1d9
- SHA512
  
  a4619f360ff5a989a7fdbe5aa0f8086f43bb3cef12196237c6e1b576beebce2094fc517efc24af56c4a64e80059e80d945b63d96e658dac233595fbc847ec667
- SSDEEP
  
  6144:4r6Pb2xxDgzL2V4cpC0L4AY7YWT63cpC0L4f:4r6PL2/p9i7drp9S
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence