20a9da29591c786ebf2d42b4fde052cdf317e4ad073433ca951e32d3fffeed3a | Triage

Sharing

General

Target

20a9da29591c786ebf2d42b4fde052cdf317e4ad073433ca951e32d3fffeed3a
Size

109KB
Sample

240921-xww3hayfnq
MD5

b84457ea677ab04559e45ffd3839c82c
SHA1

e64731fe650b46f20c3ff1b2e0cac3f646c2b962
SHA256

20a9da29591c786ebf2d42b4fde052cdf317e4ad073433ca951e32d3fffeed3a
SHA512

ff118ad0f495b581c4dc9389cdb658181a59c8f340c41033a1acee7c63f16e5afe156a2ea3dffe22270ea0d2e52f0fb7cf2af74e30fda7a80dd5de31548c4c12
SSDEEP

3072:GuHYvfgQsdyLfUGaN8fo3PXl9Z7S/yCsKh2EzZA/z:dHE9/aNgo35e/yCthvUz

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  20a9da29591c786ebf2d42b4fde052cdf317e4ad073433ca951e32d3fffeed3a
- Size
  
  109KB
- MD5
  
  b84457ea677ab04559e45ffd3839c82c
- SHA1
  
  e64731fe650b46f20c3ff1b2e0cac3f646c2b962
- SHA256
  
  20a9da29591c786ebf2d42b4fde052cdf317e4ad073433ca951e32d3fffeed3a
- SHA512
  
  ff118ad0f495b581c4dc9389cdb658181a59c8f340c41033a1acee7c63f16e5afe156a2ea3dffe22270ea0d2e52f0fb7cf2af74e30fda7a80dd5de31548c4c12
- SSDEEP
  
  3072:GuHYvfgQsdyLfUGaN8fo3PXl9Z7S/yCsKh2EzZA/z:dHE9/aNgo35e/yCthvUz
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence