7a9aaf65bd97805fd9deaf99c8c967e49a3e50e9adf8a830dfea066ca1ee3628 | Triage

Sharing

General

Target

7a9aaf65bd97805fd9deaf99c8c967e49a3e50e9adf8a830dfea066ca1ee3628N
Size

1.6MB
Sample

240927-cmlj7asfqh
MD5

fe8f7be5412b2a9cac86ab0679098ec0
SHA1

78b10fa52b57add8a14bec17dc1f60aa6b580a14
SHA256

7a9aaf65bd97805fd9deaf99c8c967e49a3e50e9adf8a830dfea066ca1ee3628
SHA512

fccb7a2ed8e7cee4290e950528cc21b574ee7d14ee87f0a70a90ba2a6161d46f545b2df2fe1d035025c5c672ebb8255485474cbee0f9e5b3dde05420d4be8ce0
SSDEEP

24576:JLgu5YyCtCCm0BmmvFimm0wh2kkkkK4kXkkkkkkkkhLX3a20R0v50+YNpsKv2Ev3:JLgu5RCtCmi7bazR0vKLXZ+Ktz

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  7a9aaf65bd97805fd9deaf99c8c967e49a3e50e9adf8a830dfea066ca1ee3628N
- Size
  
  1.6MB
- MD5
  
  fe8f7be5412b2a9cac86ab0679098ec0
- SHA1
  
  78b10fa52b57add8a14bec17dc1f60aa6b580a14
- SHA256
  
  7a9aaf65bd97805fd9deaf99c8c967e49a3e50e9adf8a830dfea066ca1ee3628
- SHA512
  
  fccb7a2ed8e7cee4290e950528cc21b574ee7d14ee87f0a70a90ba2a6161d46f545b2df2fe1d035025c5c672ebb8255485474cbee0f9e5b3dde05420d4be8ce0
- SSDEEP
  
  24576:JLgu5YyCtCCm0BmmvFimm0wh2kkkkK4kXkkkkkkkkhLX3a20R0v50+YNpsKv2Ev3:JLgu5RCtCmi7bazR0vKLXZ+Ktz
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence