0874581959c4b1d7231290403331ef55354b5be28378f932ecb082b0f1539db7 | Triage

Sharing

General

Target

0874581959c4b1d7231290403331ef55354b5be28378f932ecb082b0f1539db7N
Size

239KB
Sample

240928-gqrmtssglc
MD5

f2c95e9f9e440b3caf282609846a7880
SHA1

1e406ece0921643825fd7262e5f4da8bde1957cf
SHA256

0874581959c4b1d7231290403331ef55354b5be28378f932ecb082b0f1539db7
SHA512

5a165ce160c14dcb065d7e561d8c98258a0ba5c07aab46ae5bd3e32c21c9f29775cab341be11f6f683e9aea7fe2710aa1e3c7bce0223912e61f7e419d8cd251f
SSDEEP

3072:IxcV8j4Y1jkE6MYqA6lPgH23J6QrWk97I:58kOjkE6MYwPgW56UI

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0874581959c4b1d7231290403331ef55354b5be28378f932ecb082b0f1539db7N
- Size
  
  239KB
- MD5
  
  f2c95e9f9e440b3caf282609846a7880
- SHA1
  
  1e406ece0921643825fd7262e5f4da8bde1957cf
- SHA256
  
  0874581959c4b1d7231290403331ef55354b5be28378f932ecb082b0f1539db7
- SHA512
  
  5a165ce160c14dcb065d7e561d8c98258a0ba5c07aab46ae5bd3e32c21c9f29775cab341be11f6f683e9aea7fe2710aa1e3c7bce0223912e61f7e419d8cd251f
- SSDEEP
  
  3072:IxcV8j4Y1jkE6MYqA6lPgH23J6QrWk97I:58kOjkE6MYwPgW56UI
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence