c13ac350be57db0d0d42d017c5c2e20177c12c8f214225f7f0fa441fa8b3aad8 | Triage

Sharing

General

Target

c13ac350be57db0d0d42d017c5c2e20177c12c8f214225f7f0fa441fa8b3aad8N
Size

205KB
Sample

241004-y3z86syfkh
MD5

03391529051474aa9bddad0823cfed50
SHA1

cb4c154ace7a7b787a296f49f219d79e5b53a703
SHA256

c13ac350be57db0d0d42d017c5c2e20177c12c8f214225f7f0fa441fa8b3aad8
SHA512

6ba1396e49adf0eabdf2f530b92c465e51e1fb01a4550ef37f2bad99a57bf2419837ba4fce7f1d4a94d0f33a99636bfe336d76e9f8d514a1a3c3dae46b943180
SSDEEP

3072:0IXqry+d3DxQcv7zhWPk65Ui8BhmqjNj8DCUNUO42YwHdKpUUzE0mu87dw:dQCcv7Mk6bgL5jMCeU3dRCUI0mu8

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  c13ac350be57db0d0d42d017c5c2e20177c12c8f214225f7f0fa441fa8b3aad8N
- Size
  
  205KB
- MD5
  
  03391529051474aa9bddad0823cfed50
- SHA1
  
  cb4c154ace7a7b787a296f49f219d79e5b53a703
- SHA256
  
  c13ac350be57db0d0d42d017c5c2e20177c12c8f214225f7f0fa441fa8b3aad8
- SHA512
  
  6ba1396e49adf0eabdf2f530b92c465e51e1fb01a4550ef37f2bad99a57bf2419837ba4fce7f1d4a94d0f33a99636bfe336d76e9f8d514a1a3c3dae46b943180
- SSDEEP
  
  3072:0IXqry+d3DxQcv7zhWPk65Ui8BhmqjNj8DCUNUO42YwHdKpUUzE0mu87dw:dQCcv7Mk6bgL5jMCeU3dRCUI0mu8
Score

7^/10

discovery persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2