c1d900288f8b93cbe3605a878dd6aabb3aeb1fb08ec439ac9c82a8a74691cf2b | Triage

Sharing

General

Target

c1d900288f8b93cbe3605a878dd6aabb3aeb1fb08ec439ac9c82a8a74691cf2b
Size

226KB
Sample

241005-dbatzsvgrb
MD5

b191a90b2723690ccafc9f3924e9fa2c
SHA1

d91f229aedf4bc014acb0f8d9f9ddeeefa7125cc
SHA256

c1d900288f8b93cbe3605a878dd6aabb3aeb1fb08ec439ac9c82a8a74691cf2b
SHA512

fcccaad3365c255c53b74528e47b4acca8c8dcc39101a6efdd44425c5b4ebc9a66e5587218d6dbf35f030fcda0e2496b04a652054b51c77a014cd03ddc8c3bb8
SSDEEP

6144:Smrt0CN9Ebxc6dBiXfxqySSKpRmSKeTk7eT5ABrnL8MdYg:ic9Ebxc6+5IKrEAlnLAg

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c1d900288f8b93cbe3605a878dd6aabb3aeb1fb08ec439ac9c82a8a74691cf2b
- Size
  
  226KB
- MD5
  
  b191a90b2723690ccafc9f3924e9fa2c
- SHA1
  
  d91f229aedf4bc014acb0f8d9f9ddeeefa7125cc
- SHA256
  
  c1d900288f8b93cbe3605a878dd6aabb3aeb1fb08ec439ac9c82a8a74691cf2b
- SHA512
  
  fcccaad3365c255c53b74528e47b4acca8c8dcc39101a6efdd44425c5b4ebc9a66e5587218d6dbf35f030fcda0e2496b04a652054b51c77a014cd03ddc8c3bb8
- SSDEEP
  
  6144:Smrt0CN9Ebxc6dBiXfxqySSKpRmSKeTk7eT5ABrnL8MdYg:ic9Ebxc6+5IKrEAlnLAg
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence