29bcfd9d6e1db281fe33995e9de6cccfdc2237d996bc31f59d2d8b9b0f4e31fe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29bcfd9d6e1db281fe33995e9de6cccfdc2237d996bc31f59d2d8b9b0f4e31feN.exe
Size

50KB
Sample

240925-xkzdgsvdqf
MD5

ed16b0935c17b38f5191ef1b22aa3a00
SHA1

51392e088d7bedeadcc615bd6d073a0b716e3770
SHA256

29bcfd9d6e1db281fe33995e9de6cccfdc2237d996bc31f59d2d8b9b0f4e31fe
SHA512

8de90c83c15e06a1789ecd6bbec3d83281df5a075f7c64fadf75da0d0552c6858413a2d7eb596e907761cbd968e074e1b1f1929055addc1940f879bde0224b7f
SSDEEP

1536:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYVFl2g5u58dO0xXHQEyYfdhNhFO5h3xhIV:+MA6C1VqaqhtgVRNToV7TtRu8rM0wYVv

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  29bcfd9d6e1db281fe33995e9de6cccfdc2237d996bc31f59d2d8b9b0f4e31feN.exe
- Size
  
  50KB
- MD5
  
  ed16b0935c17b38f5191ef1b22aa3a00
- SHA1
  
  51392e088d7bedeadcc615bd6d073a0b716e3770
- SHA256
  
  29bcfd9d6e1db281fe33995e9de6cccfdc2237d996bc31f59d2d8b9b0f4e31fe
- SHA512
  
  8de90c83c15e06a1789ecd6bbec3d83281df5a075f7c64fadf75da0d0552c6858413a2d7eb596e907761cbd968e074e1b1f1929055addc1940f879bde0224b7f
- SSDEEP
  
  1536:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYVFl2g5u58dO0xXHQEyYfdhNhFO5h3xhIV:+MA6C1VqaqhtgVRNToV7TtRu8rM0wYVv
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence