3ff05248e1c579a1787c9bd29f42cde77f66afa1cedd781a9e5c7d9ec41fbf7b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ff05248e1c579a1787c9bd29f42cde77f66afa1cedd781a9e5c7d9ec41fbf7bN.exe
Size

77KB
Sample

240925-gpftyasalf
MD5

fb4005aa4a50fe97d797e51fd7d85170
SHA1

9c5bd0f2cbeefb15173ddeed503630d50020f5d2
SHA256

3ff05248e1c579a1787c9bd29f42cde77f66afa1cedd781a9e5c7d9ec41fbf7b
SHA512

b92835c234a02862a306fbc37987a913b1dcf9da02471ed87aac8ffa3f70ecf23722440efb0a4e73e0a8e760928e762446b6ec24e4f1ac049f968aa371d39da6
SSDEEP

1536:86RAo0ej2d6rnJwwvlNlIUBvsI7hrhEh9cpDN/qhAvP3OInvnHvvxIfhqhcGoI/g:xAo1lOwvlNlXBvsI7hrhEh9cpDN/qhAg

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  3ff05248e1c579a1787c9bd29f42cde77f66afa1cedd781a9e5c7d9ec41fbf7bN.exe
- Size
  
  77KB
- MD5
  
  fb4005aa4a50fe97d797e51fd7d85170
- SHA1
  
  9c5bd0f2cbeefb15173ddeed503630d50020f5d2
- SHA256
  
  3ff05248e1c579a1787c9bd29f42cde77f66afa1cedd781a9e5c7d9ec41fbf7b
- SHA512
  
  b92835c234a02862a306fbc37987a913b1dcf9da02471ed87aac8ffa3f70ecf23722440efb0a4e73e0a8e760928e762446b6ec24e4f1ac049f968aa371d39da6
- SSDEEP
  
  1536:86RAo0ej2d6rnJwwvlNlIUBvsI7hrhEh9cpDN/qhAvP3OInvnHvvxIfhqhcGoI/g:xAo1lOwvlNlXBvsI7hrhEh9cpDN/qhAg
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence