a090d3ea1b06361c90fd429c0d04aa761f1959b485bb61985cb51e3e303a9ebb | Triage

Sharing

General

Target

a090d3ea1b06361c90fd429c0d04aa761f1959b485bb61985cb51e3e303a9ebbN
Size

128KB
Sample

241009-py3dasvbrm
MD5

c76db6f7dc71caa0e0ea6477a865fa30
SHA1

c9932e5e10f6aa5ccafade8ec7d9ca63cddbc351
SHA256

a090d3ea1b06361c90fd429c0d04aa761f1959b485bb61985cb51e3e303a9ebb
SHA512

261b9a910dcebed4bbdb9007c8c0b18e938fc4887018e5b785f9b833aa3106bfbd19614db1b44351af1eeeedb2626ffd4d4845398f50838d7063d8a205657b36
SSDEEP

3072:3T16ELNmQZZn2LzIhy33xqIe3SJdEN0s4WE+3S9pui6yYPaI7DX:uqDCENm+3Mpui6yYPaI/

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  a090d3ea1b06361c90fd429c0d04aa761f1959b485bb61985cb51e3e303a9ebbN
- Size
  
  128KB
- MD5
  
  c76db6f7dc71caa0e0ea6477a865fa30
- SHA1
  
  c9932e5e10f6aa5ccafade8ec7d9ca63cddbc351
- SHA256
  
  a090d3ea1b06361c90fd429c0d04aa761f1959b485bb61985cb51e3e303a9ebb
- SHA512
  
  261b9a910dcebed4bbdb9007c8c0b18e938fc4887018e5b785f9b833aa3106bfbd19614db1b44351af1eeeedb2626ffd4d4845398f50838d7063d8a205657b36
- SSDEEP
  
  3072:3T16ELNmQZZn2LzIhy33xqIe3SJdEN0s4WE+3S9pui6yYPaI7DX:uqDCENm+3Mpui6yYPaI/
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence