074d2985b08a7bfc1ca393475b1c3cec4b5b523130cb8890c254035c0108633a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

074d2985b08a7bfc1ca393475b1c3cec4b5b523130cb8890c254035c0108633aN
Size

128KB
Sample

241005-xpke5azblm
MD5

b8a5dc944fa0d824ab8611503f421330
SHA1

f61c09f79982ac203c15449f1f6a19a832f40896
SHA256

074d2985b08a7bfc1ca393475b1c3cec4b5b523130cb8890c254035c0108633a
SHA512

7b696e0581bdc7768db6b988378b012a53b3120f589f4e0f26901ce52c91c5621212bb22541fb3a386b324b37e4b16577a8ad504428e391166c5633bd537c5d5
SSDEEP

3072:vCC0FpABsRoRgaED9Kt0bszSeAu7DxSvITW/cbFGS9n:mLRe2TszpAahCw9n

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  074d2985b08a7bfc1ca393475b1c3cec4b5b523130cb8890c254035c0108633aN
- Size
  
  128KB
- MD5
  
  b8a5dc944fa0d824ab8611503f421330
- SHA1
  
  f61c09f79982ac203c15449f1f6a19a832f40896
- SHA256
  
  074d2985b08a7bfc1ca393475b1c3cec4b5b523130cb8890c254035c0108633a
- SHA512
  
  7b696e0581bdc7768db6b988378b012a53b3120f589f4e0f26901ce52c91c5621212bb22541fb3a386b324b37e4b16577a8ad504428e391166c5633bd537c5d5
- SSDEEP
  
  3072:vCC0FpABsRoRgaED9Kt0bszSeAu7DxSvITW/cbFGS9n:mLRe2TszpAahCw9n
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence