f405ddda6287d71f60c1abfae23a5e8957a5f71978b7ea417718d8bc97515cab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f405ddda6287d71f60c1abfae23a5e8957a5f71978b7ea417718d8bc97515cabN
Size

75KB
Sample

240921-x1171sygqq
MD5

694d520afec40341a0d7e9a332d3cc10
SHA1

25dd2e798a6f4e6ed85cbd7c39af9ced69f69db4
SHA256

f405ddda6287d71f60c1abfae23a5e8957a5f71978b7ea417718d8bc97515cab
SHA512

852aabd911ce015845176fabf935561851dd9e4a09e59073b3b0127c6b7566a093abcbfc4fd0f421c6580c5a02962e39e7ba728b494d89df44b27ebc5a5da926
SSDEEP

1536:nyWVf/Aya+A3DfF+HEkZI9E4SgFna99ZeCyzTdO53q52IrFH:yW9/H+E4S8xTdg3qv

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  f405ddda6287d71f60c1abfae23a5e8957a5f71978b7ea417718d8bc97515cabN
- Size
  
  75KB
- MD5
  
  694d520afec40341a0d7e9a332d3cc10
- SHA1
  
  25dd2e798a6f4e6ed85cbd7c39af9ced69f69db4
- SHA256
  
  f405ddda6287d71f60c1abfae23a5e8957a5f71978b7ea417718d8bc97515cab
- SHA512
  
  852aabd911ce015845176fabf935561851dd9e4a09e59073b3b0127c6b7566a093abcbfc4fd0f421c6580c5a02962e39e7ba728b494d89df44b27ebc5a5da926
- SSDEEP
  
  1536:nyWVf/Aya+A3DfF+HEkZI9E4SgFna99ZeCyzTdO53q52IrFH:yW9/H+E4S8xTdg3qv
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence