f09d8c4ef1ca227f141acb3cecb568406e0b3a2127948573afacce4b8dd17c8a | Triage

Sharing

General

Target

f09d8c4ef1ca227f141acb3cecb568406e0b3a2127948573afacce4b8dd17c8a
Size

51KB
Sample

240930-er63ssxdqm
MD5

a1cf81ab9bb974397140519c144bf762
SHA1

c1a6d16314f00ecd9c113ea7043fd307ddbf10a8
SHA256

f09d8c4ef1ca227f141acb3cecb568406e0b3a2127948573afacce4b8dd17c8a
SHA512

356d03403d8d5c233e74cdd5b25c3917702d81a33d31d611b87a6cd6f244dc7d0a49b7df125f3b0676496fcb754ec584b3de203527e25ca27a561cb0912f7272
SSDEEP

1536:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYVFl2g5u58dO0xXHQEyYfdhNhFO5h3xhIh:+MA6C1VqaqhtgVRNToV7TtRu8rM0wYV7

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  f09d8c4ef1ca227f141acb3cecb568406e0b3a2127948573afacce4b8dd17c8a
- Size
  
  51KB
- MD5
  
  a1cf81ab9bb974397140519c144bf762
- SHA1
  
  c1a6d16314f00ecd9c113ea7043fd307ddbf10a8
- SHA256
  
  f09d8c4ef1ca227f141acb3cecb568406e0b3a2127948573afacce4b8dd17c8a
- SHA512
  
  356d03403d8d5c233e74cdd5b25c3917702d81a33d31d611b87a6cd6f244dc7d0a49b7df125f3b0676496fcb754ec584b3de203527e25ca27a561cb0912f7272
- SSDEEP
  
  1536:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYVFl2g5u58dO0xXHQEyYfdhNhFO5h3xhIh:+MA6C1VqaqhtgVRNToV7TtRu8rM0wYV7
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence