f74eb628c3889e7dcd11568cb8e7decb604ee9eeb92db14138c61a7c5b5d9aa7 | Triage

Sharing

General

Target

f74eb628c3889e7dcd11568cb8e7decb604ee9eeb92db14138c61a7c5b5d9aa7N
Size

386KB
Sample

241003-va526syhmf
MD5

cbea6fa131fab3daf31edc82f71d2a30
SHA1

7f55e9ce1fb8926948d2266d12eb32835dd861f6
SHA256

f74eb628c3889e7dcd11568cb8e7decb604ee9eeb92db14138c61a7c5b5d9aa7
SHA512

d7f969d641cfe4f7cd4ed46416a8bf5b76bd2723db6c03b43852bb5b5382b215257700b3ff98a6eba7e5266cc4c019b93ce8fbdefa695d31c8e8003989ece373
SSDEEP

6144:NYy/YvdIes7wQIc72nxvG7rbxmPVvRqlfJg9i4s7wQIc72nxvG7rbxmPV:7rwQZ7287xmPFRkfJg9qwQZ7287xmP

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  f74eb628c3889e7dcd11568cb8e7decb604ee9eeb92db14138c61a7c5b5d9aa7N
- Size
  
  386KB
- MD5
  
  cbea6fa131fab3daf31edc82f71d2a30
- SHA1
  
  7f55e9ce1fb8926948d2266d12eb32835dd861f6
- SHA256
  
  f74eb628c3889e7dcd11568cb8e7decb604ee9eeb92db14138c61a7c5b5d9aa7
- SHA512
  
  d7f969d641cfe4f7cd4ed46416a8bf5b76bd2723db6c03b43852bb5b5382b215257700b3ff98a6eba7e5266cc4c019b93ce8fbdefa695d31c8e8003989ece373
- SSDEEP
  
  6144:NYy/YvdIes7wQIc72nxvG7rbxmPVvRqlfJg9i4s7wQIc72nxvG7rbxmPV:7rwQZ7287xmPFRkfJg9qwQZ7287xmP
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence