ac7b3e26418a053a54771fc28b805afe4b0639df4a6b9470c2505f3abed4dac7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac7b3e26418a053a54771fc28b805afe4b0639df4a6b9470c2505f3abed4dac7N
Size

320KB
Sample

240927-qe2s4atfmk
MD5

b9fbbed03c12e5923492078529fbdcd0
SHA1

76f6e01f844025109d57c22f8cf7ef880f47d934
SHA256

ac7b3e26418a053a54771fc28b805afe4b0639df4a6b9470c2505f3abed4dac7
SHA512

27268d8a65ad7ddef9e2eaad73e867ad8f917d5ebc04cbab48176e53c43f016692cb9849a31c2bc717898e1f16713843987892dfb0a4e3ce0076f23caf90147d
SSDEEP

3072:ZcG3ii/9kn6lwS/A4MK0FzJG/AMBxjUSmkCMQ/9h/NR5f0m:Za6lV/Ah1G/AcQ///NR5fn

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ac7b3e26418a053a54771fc28b805afe4b0639df4a6b9470c2505f3abed4dac7N
- Size
  
  320KB
- MD5
  
  b9fbbed03c12e5923492078529fbdcd0
- SHA1
  
  76f6e01f844025109d57c22f8cf7ef880f47d934
- SHA256
  
  ac7b3e26418a053a54771fc28b805afe4b0639df4a6b9470c2505f3abed4dac7
- SHA512
  
  27268d8a65ad7ddef9e2eaad73e867ad8f917d5ebc04cbab48176e53c43f016692cb9849a31c2bc717898e1f16713843987892dfb0a4e3ce0076f23caf90147d
- SSDEEP
  
  3072:ZcG3ii/9kn6lwS/A4MK0FzJG/AMBxjUSmkCMQ/9h/NR5f0m:Za6lV/Ah1G/AcQ///NR5fn
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence