0badc48a56f0dfcb6a52dcfe7021a3e50f5ae0b05fe3f2889e7a182be6821a7b | Triage

Sharing

General

Target

0badc48a56f0dfcb6a52dcfe7021a3e50f5ae0b05fe3f2889e7a182be6821a7bN
Size

95KB
Sample

241004-b8s1qa1hrf
MD5

6c5f3942a0fb5a1c643e5187e3bba790
SHA1

b2d412c8fef59ff38281ceee9fa8c50f16aee79d
SHA256

0badc48a56f0dfcb6a52dcfe7021a3e50f5ae0b05fe3f2889e7a182be6821a7b
SHA512

85363151a2bb4c1a4ac257428b7f0d2f0bde5a27925e26c6587624228fd0447c1c650064bdc01035d70b476c7d41a86d4a24677fb3a6d7173934a3e7e537d72f
SSDEEP

1536:aXNRiXG5AVUf+qEjfnznmPl45RNcDbYvq4HFj8VZtUZetRcaF5GFtCYOM6bOLXia:4R6GMUf+qEjPzn4lDPYvLljG+g7cqstP

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0badc48a56f0dfcb6a52dcfe7021a3e50f5ae0b05fe3f2889e7a182be6821a7bN
- Size
  
  95KB
- MD5
  
  6c5f3942a0fb5a1c643e5187e3bba790
- SHA1
  
  b2d412c8fef59ff38281ceee9fa8c50f16aee79d
- SHA256
  
  0badc48a56f0dfcb6a52dcfe7021a3e50f5ae0b05fe3f2889e7a182be6821a7b
- SHA512
  
  85363151a2bb4c1a4ac257428b7f0d2f0bde5a27925e26c6587624228fd0447c1c650064bdc01035d70b476c7d41a86d4a24677fb3a6d7173934a3e7e537d72f
- SSDEEP
  
  1536:aXNRiXG5AVUf+qEjfnznmPl45RNcDbYvq4HFj8VZtUZetRcaF5GFtCYOM6bOLXia:4R6GMUf+qEjPzn4lDPYvLljG+g7cqstP
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence