ec164b81ed97de05d33b9d4454549e7f92479f2ea01cc53b7a714732170b40c9 | Triage

Sharing

General

Target

ec164b81ed97de05d33b9d4454549e7f92479f2ea01cc53b7a714732170b40c9N
Size

38KB
Sample

241003-kzxrzsydna
MD5

bbd6eb0a8d9b75820e92a694b56c1960
SHA1

2e8262cb77ffca7b4609ca746e7fee427a4c7aa9
SHA256

ec164b81ed97de05d33b9d4454549e7f92479f2ea01cc53b7a714732170b40c9
SHA512

23726d567156c238282763eb9bc4f29d5b3b588662378b7233435424d2f6fd5f1bbe8d102e369d545ecbf4b10f8ca333b85366d69eecfcab1ba5ac0c69dd04c8
SSDEEP

768:DqPJtsA6C1VqahohtgVRNToV7TtRu8rM0wYVFl2g5coW58dO0xXHV2EfKYfdhNhi:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYC

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  ec164b81ed97de05d33b9d4454549e7f92479f2ea01cc53b7a714732170b40c9N
- Size
  
  38KB
- MD5
  
  bbd6eb0a8d9b75820e92a694b56c1960
- SHA1
  
  2e8262cb77ffca7b4609ca746e7fee427a4c7aa9
- SHA256
  
  ec164b81ed97de05d33b9d4454549e7f92479f2ea01cc53b7a714732170b40c9
- SHA512
  
  23726d567156c238282763eb9bc4f29d5b3b588662378b7233435424d2f6fd5f1bbe8d102e369d545ecbf4b10f8ca333b85366d69eecfcab1ba5ac0c69dd04c8
- SSDEEP
  
  768:DqPJtsA6C1VqahohtgVRNToV7TtRu8rM0wYVFl2g5coW58dO0xXHV2EfKYfdhNhi:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYC
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence