e8dca1a91b0c276c501d0fc0d178c423ebc47b7d8fff68cd6b64b7dedbe15a2a | Triage

Sharing

General

Target

e8dca1a91b0c276c501d0fc0d178c423ebc47b7d8fff68cd6b64b7dedbe15a2aN
Size

468KB
Sample

241003-xnwrrs1flj
MD5

278bf916a08124ebfa25dcce75231140
SHA1

c5dd3210a013801f2ffeff6c3f54a300f78204f1
SHA256

e8dca1a91b0c276c501d0fc0d178c423ebc47b7d8fff68cd6b64b7dedbe15a2a
SHA512

051c2e96348750df2066824f352b3418e014b66fb76d9d680102799766be86fc3572e3b43be7904603d88f2c02c5a4a99af31cde499981856101c5953aec3310
SSDEEP

3072:h1bhogOdaM8Unb/sPzfWff1cfpwMI8JnmHevVdbdyU31xyKxnlA:h1loYBUnYP7WffCxP3dya3yKx

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  e8dca1a91b0c276c501d0fc0d178c423ebc47b7d8fff68cd6b64b7dedbe15a2aN
- Size
  
  468KB
- MD5
  
  278bf916a08124ebfa25dcce75231140
- SHA1
  
  c5dd3210a013801f2ffeff6c3f54a300f78204f1
- SHA256
  
  e8dca1a91b0c276c501d0fc0d178c423ebc47b7d8fff68cd6b64b7dedbe15a2a
- SHA512
  
  051c2e96348750df2066824f352b3418e014b66fb76d9d680102799766be86fc3572e3b43be7904603d88f2c02c5a4a99af31cde499981856101c5953aec3310
- SSDEEP
  
  3072:h1bhogOdaM8Unb/sPzfWff1cfpwMI8JnmHevVdbdyU31xyKxnlA:h1loYBUnYP7WffCxP3dya3yKx
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence