c89264d66332cd9f8f63a6256751e61d05a14beba2bdc247879e40e9f8505b9e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c89264d66332cd9f8f63a6256751e61d05a14beba2bdc247879e40e9f8505b9eN.exe
Size

50KB
Sample

240925-jcqjqawbre
MD5

029e15d788584229ec1a3e796fb5e840
SHA1

cf77fdfae6f47c020e2796d85bc255def52ee7e7
SHA256

c89264d66332cd9f8f63a6256751e61d05a14beba2bdc247879e40e9f8505b9e
SHA512

cdb4971a98688f91d3faf8c77e528e578561861e7ad231a29b17c67d6dbee3135324960b80886da8f538f36ae6431f7abf4a420e5b5913d8dc1f562bcc9b7713
SSDEEP

1536:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYVFl2g5u58dO0xXHQEyYfdhNhFO5h3xhId:+MA6C1VqaqhtgVRNToV7TtRu8rM0wYVT

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  c89264d66332cd9f8f63a6256751e61d05a14beba2bdc247879e40e9f8505b9eN.exe
- Size
  
  50KB
- MD5
  
  029e15d788584229ec1a3e796fb5e840
- SHA1
  
  cf77fdfae6f47c020e2796d85bc255def52ee7e7
- SHA256
  
  c89264d66332cd9f8f63a6256751e61d05a14beba2bdc247879e40e9f8505b9e
- SHA512
  
  cdb4971a98688f91d3faf8c77e528e578561861e7ad231a29b17c67d6dbee3135324960b80886da8f538f36ae6431f7abf4a420e5b5913d8dc1f562bcc9b7713
- SSDEEP
  
  1536:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYVFl2g5u58dO0xXHQEyYfdhNhFO5h3xhId:+MA6C1VqaqhtgVRNToV7TtRu8rM0wYVT
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence