95902bf3969491518e43866dd487494daabfdf6d5064ad71bb09c19ab4d83a41 | Triage

Sharing

General

Target

95902bf3969491518e43866dd487494daabfdf6d5064ad71bb09c19ab4d83a41N
Size

169KB
Sample

240929-zmc95stfjf
MD5

d21c2f8312880922dca6eb08507ece10
SHA1

9a62cf8a15221b9b600acb4dfd479f8576574d9d
SHA256

95902bf3969491518e43866dd487494daabfdf6d5064ad71bb09c19ab4d83a41
SHA512

7021e6fa0a095b367aadf463f9df9e06ebe05ab660160ad6f72054a0d9c4cb2555d9acfe5598f2faa97457e185ae21d6a6f9c1d56bc86e28d67af1591db27203
SSDEEP

3072:mnYnIS//bkzdfgCOmIYgP5W86yPxMeEvPOdgujv6NLPfFFrKP92f65Ha:mnYnIS/sdfxOmIYo5V6yJML3OdgawrFC

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  95902bf3969491518e43866dd487494daabfdf6d5064ad71bb09c19ab4d83a41N
- Size
  
  169KB
- MD5
  
  d21c2f8312880922dca6eb08507ece10
- SHA1
  
  9a62cf8a15221b9b600acb4dfd479f8576574d9d
- SHA256
  
  95902bf3969491518e43866dd487494daabfdf6d5064ad71bb09c19ab4d83a41
- SHA512
  
  7021e6fa0a095b367aadf463f9df9e06ebe05ab660160ad6f72054a0d9c4cb2555d9acfe5598f2faa97457e185ae21d6a6f9c1d56bc86e28d67af1591db27203
- SSDEEP
  
  3072:mnYnIS//bkzdfgCOmIYgP5W86yPxMeEvPOdgujv6NLPfFFrKP92f65Ha:mnYnIS/sdfxOmIYo5V6yJML3OdgawrFC
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence