0226dc275c8fc02c266eb1d14496573d741ca7261dd6db9df3909d827ae2ad22 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0226dc275c8fc02c266eb1d14496573d741ca7261dd6db9df3909d827ae2ad22N
Size

128KB
Sample

241004-zdhs9svdnj
MD5

efa440fef203370d0699eb202a87c7c0
SHA1

bae9b13fb61687660a4d31ba9a9c8b005e6e6ee8
SHA256

0226dc275c8fc02c266eb1d14496573d741ca7261dd6db9df3909d827ae2ad22
SHA512

09f8b87c4db1749e254a0498e14f01a80a2004026f9a4f1ee9205a3b5393e15e1889ef85d3043bd3406840f2f230dc1d0979f2e49895e4a3933bb294f0580062
SSDEEP

3072:PcjW7eLk/YVMYH1gF03qC1DrLXfzoeqarm9mTKpAImA:PQW7eI/Kj95XfxqySSKpRmA

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  0226dc275c8fc02c266eb1d14496573d741ca7261dd6db9df3909d827ae2ad22N
- Size
  
  128KB
- MD5
  
  efa440fef203370d0699eb202a87c7c0
- SHA1
  
  bae9b13fb61687660a4d31ba9a9c8b005e6e6ee8
- SHA256
  
  0226dc275c8fc02c266eb1d14496573d741ca7261dd6db9df3909d827ae2ad22
- SHA512
  
  09f8b87c4db1749e254a0498e14f01a80a2004026f9a4f1ee9205a3b5393e15e1889ef85d3043bd3406840f2f230dc1d0979f2e49895e4a3933bb294f0580062
- SSDEEP
  
  3072:PcjW7eLk/YVMYH1gF03qC1DrLXfzoeqarm9mTKpAImA:PQW7eI/Kj95XfxqySSKpRmA
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence