ea389a08c91ae9608e4702ff35e33d088d9bb6c7a48556a1a1ca2439446b65ef | Triage

Sharing

General

Target

ea389a08c91ae9608e4702ff35e33d088d9bb6c7a48556a1a1ca2439446b65efN
Size

96KB
Sample

241004-bwwaba1cnd
MD5

b24c9189694030492bf5de915f21d2b0
SHA1

af837cb45e5ceccab092665d3f06f57ebcc036be
SHA256

ea389a08c91ae9608e4702ff35e33d088d9bb6c7a48556a1a1ca2439446b65ef
SHA512

fe3eea6e289dd4b888e5c4e9ca130a5987b6aadeac6fdf5ed95850fb70dbfcd21c5efdfc23d8da76808122faec37fe190b0044d5c667a0e40f25e6cf39abab6a
SSDEEP

1536:hJpZBmx0B0HAnL08MTatH6SKvBgs5k2Cs8eOM6bOLXi8PmCofGy:YS0HAnLeCKP5H8eDrLXfzoey

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ea389a08c91ae9608e4702ff35e33d088d9bb6c7a48556a1a1ca2439446b65efN
- Size
  
  96KB
- MD5
  
  b24c9189694030492bf5de915f21d2b0
- SHA1
  
  af837cb45e5ceccab092665d3f06f57ebcc036be
- SHA256
  
  ea389a08c91ae9608e4702ff35e33d088d9bb6c7a48556a1a1ca2439446b65ef
- SHA512
  
  fe3eea6e289dd4b888e5c4e9ca130a5987b6aadeac6fdf5ed95850fb70dbfcd21c5efdfc23d8da76808122faec37fe190b0044d5c667a0e40f25e6cf39abab6a
- SSDEEP
  
  1536:hJpZBmx0B0HAnL08MTatH6SKvBgs5k2Cs8eOM6bOLXi8PmCofGy:YS0HAnLeCKP5H8eDrLXfzoey
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence