1048ede63b06e0d5a8adeb096e0ebc62e6a97d8802f831679d57b7b58e516ba5 | Triage

Sharing

General

Target

1048ede63b06e0d5a8adeb096e0ebc62e6a97d8802f831679d57b7b58e516ba5N
Size

89KB
Sample

240921-fwb9nawgnq
MD5

8a0c289e83ceb6b20f2b42cf64764360
SHA1

92d520ba7088d7cf00390c9472e0515be8be7430
SHA256

1048ede63b06e0d5a8adeb096e0ebc62e6a97d8802f831679d57b7b58e516ba5
SHA512

f1ec7c679a798bbf03d1b359908805643e62b92b50c9a042f09d2d36dd50d239a280a94b1752cc9bb9e0a635f29ba68a6f783e234d41857432dd08db814430c7
SSDEEP

1536:rIsC7Hbxzh85Vp5wmGVkMOl8nK4uJHiVGa4fHIKqiprU8c+ClExkg8Fk:q7AVpqFVkMK8K4uJHiVzSNlcVlakgwk

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  1048ede63b06e0d5a8adeb096e0ebc62e6a97d8802f831679d57b7b58e516ba5N
- Size
  
  89KB
- MD5
  
  8a0c289e83ceb6b20f2b42cf64764360
- SHA1
  
  92d520ba7088d7cf00390c9472e0515be8be7430
- SHA256
  
  1048ede63b06e0d5a8adeb096e0ebc62e6a97d8802f831679d57b7b58e516ba5
- SHA512
  
  f1ec7c679a798bbf03d1b359908805643e62b92b50c9a042f09d2d36dd50d239a280a94b1752cc9bb9e0a635f29ba68a6f783e234d41857432dd08db814430c7
- SSDEEP
  
  1536:rIsC7Hbxzh85Vp5wmGVkMOl8nK4uJHiVGa4fHIKqiprU8c+ClExkg8Fk:q7AVpqFVkMK8K4uJHiVzSNlcVlakgwk
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence