65a0d09c8b0ae94767626e199ad809159a0a8a7b8c177614eea759fd796f34c0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65a0d09c8b0ae94767626e199ad809159a0a8a7b8c177614eea759fd796f34c0
Size

59KB
Sample

241004-2nkfyszhln
MD5

c8b0a394250359fb4c16729a57844153
SHA1

78f0d1fd41bce7bca1c6167c0b1f925e01d1ead7
SHA256

65a0d09c8b0ae94767626e199ad809159a0a8a7b8c177614eea759fd796f34c0
SHA512

55defdd79552a0bfe6c2bb6d21d624a892f9b17c0ae609c6b92bf83b5a6c40e9488e285e40fd635f118bd5820b97bbae1f32230e11421253d487e1658ac8b670
SSDEEP

1536:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYVFl2g5u58dO0xXHQEyYfdhNhFO5h3xhIU:+MA6C1VqaqhtgVRNToV7TtRu8rM0wYV6

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  65a0d09c8b0ae94767626e199ad809159a0a8a7b8c177614eea759fd796f34c0
- Size
  
  59KB
- MD5
  
  c8b0a394250359fb4c16729a57844153
- SHA1
  
  78f0d1fd41bce7bca1c6167c0b1f925e01d1ead7
- SHA256
  
  65a0d09c8b0ae94767626e199ad809159a0a8a7b8c177614eea759fd796f34c0
- SHA512
  
  55defdd79552a0bfe6c2bb6d21d624a892f9b17c0ae609c6b92bf83b5a6c40e9488e285e40fd635f118bd5820b97bbae1f32230e11421253d487e1658ac8b670
- SSDEEP
  
  1536:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYVFl2g5u58dO0xXHQEyYfdhNhFO5h3xhIU:+MA6C1VqaqhtgVRNToV7TtRu8rM0wYV6
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence