165988a8c4ae9e5e2bffc06bc5fbf8530368f7719b8f9032d844e54300a6b2c7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

165988a8c4ae9e5e2bffc06bc5fbf8530368f7719b8f9032d844e54300a6b2c7N.exe
Size

64KB
Sample

240925-nyhhfsxane
MD5

a58c219864ba0134cbdffa7102e70160
SHA1

8a5b7a8ca1306cdc2674d87b6c8deaa30c49b114
SHA256

165988a8c4ae9e5e2bffc06bc5fbf8530368f7719b8f9032d844e54300a6b2c7
SHA512

81cde6bac14f41ee42130964a389fc9846d7ca69fb202c01c123d77d9110a16e76480a75ccf18fec6c611a651ae5d927ea50d5fa846e2a5be00ab46fd3fc33fe
SSDEEP

1536:nXF5+EYBSbF+Q3+GlLboMkCG4XUXruCHcpzt/Idn:nXn+vSbF+Q3+GlLbItwpFwn

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  165988a8c4ae9e5e2bffc06bc5fbf8530368f7719b8f9032d844e54300a6b2c7N.exe
- Size
  
  64KB
- MD5
  
  a58c219864ba0134cbdffa7102e70160
- SHA1
  
  8a5b7a8ca1306cdc2674d87b6c8deaa30c49b114
- SHA256
  
  165988a8c4ae9e5e2bffc06bc5fbf8530368f7719b8f9032d844e54300a6b2c7
- SHA512
  
  81cde6bac14f41ee42130964a389fc9846d7ca69fb202c01c123d77d9110a16e76480a75ccf18fec6c611a651ae5d927ea50d5fa846e2a5be00ab46fd3fc33fe
- SSDEEP
  
  1536:nXF5+EYBSbF+Q3+GlLboMkCG4XUXruCHcpzt/Idn:nXn+vSbF+Q3+GlLbItwpFwn
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence