d4478f3204d94491fd7046a0d6a2cd81dbc508764cc1ae876cd390ebc3fd3010 | Triage

Sharing

General

Target

d4478f3204d94491fd7046a0d6a2cd81dbc508764cc1ae876cd390ebc3fd3010
Size

76KB
Sample

241005-jw93gavajp
MD5

a5ab627c3553105ae4ff04c4f2b3a993
SHA1

491f4efed725e3f51543e7a2f4765472d76e3cc4
SHA256

d4478f3204d94491fd7046a0d6a2cd81dbc508764cc1ae876cd390ebc3fd3010
SHA512

6c10fb1c9988fff9ab72686555880f0ab46c4ce843bc5f276f2c0cdf051631736700aaa65f14d6f84d48685376fa4f1ba73b3c8b63c33dce244fdc73da02189e
SSDEEP

1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOXCS:GhfxHNIreQm+HiQCS

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  d4478f3204d94491fd7046a0d6a2cd81dbc508764cc1ae876cd390ebc3fd3010
- Size
  
  76KB
- MD5
  
  a5ab627c3553105ae4ff04c4f2b3a993
- SHA1
  
  491f4efed725e3f51543e7a2f4765472d76e3cc4
- SHA256
  
  d4478f3204d94491fd7046a0d6a2cd81dbc508764cc1ae876cd390ebc3fd3010
- SHA512
  
  6c10fb1c9988fff9ab72686555880f0ab46c4ce843bc5f276f2c0cdf051631736700aaa65f14d6f84d48685376fa4f1ba73b3c8b63c33dce244fdc73da02189e
- SSDEEP
  
  1536:RshfSWHHNvoLqNwDDGw02eQmh0HjWOXCS:GhfxHNIreQm+HiQCS
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence