b92d74a89d3c9fc474eaa0eefed0d0becbff59f2212103cdf92805ccaf361078 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b92d74a89d3c9fc474eaa0eefed0d0becbff59f2212103cdf92805ccaf361078N
Size

448KB
Sample

240930-3lwlwazgjm
MD5

e9ffebabdc33bf4f2c197e1ef0c27860
SHA1

17119eb805f20a1b4253c7cd9f63619bb6ebcbcd
SHA256

b92d74a89d3c9fc474eaa0eefed0d0becbff59f2212103cdf92805ccaf361078
SHA512

f9c7965c067211746a4f7459e5cf0f28d6b52e13026d3a34bb50c441ab771591ef2b16d02a281a23b43ebdc103e422765ff39744828a8f2d68a6f0e3dd53f0f9
SSDEEP

6144:NEBlRu3ZDx0gqaxiLUmKyIxLDXXoq9FJZCUmKyIxL:ORiT3832XXf9Do3

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  b92d74a89d3c9fc474eaa0eefed0d0becbff59f2212103cdf92805ccaf361078N
- Size
  
  448KB
- MD5
  
  e9ffebabdc33bf4f2c197e1ef0c27860
- SHA1
  
  17119eb805f20a1b4253c7cd9f63619bb6ebcbcd
- SHA256
  
  b92d74a89d3c9fc474eaa0eefed0d0becbff59f2212103cdf92805ccaf361078
- SHA512
  
  f9c7965c067211746a4f7459e5cf0f28d6b52e13026d3a34bb50c441ab771591ef2b16d02a281a23b43ebdc103e422765ff39744828a8f2d68a6f0e3dd53f0f9
- SSDEEP
  
  6144:NEBlRu3ZDx0gqaxiLUmKyIxLDXXoq9FJZCUmKyIxL:ORiT3832XXf9Do3
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence