08926e634a4aef8c0eae60472445b0bba8d1450edb9a16d9af4bc2d610fb08cd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08926e634a4aef8c0eae60472445b0bba8d1450edb9a16d9af4bc2d610fb08cdN
Size

385KB
Sample

241009-rg3c3swflm
MD5

1a1f5febc1f87a361b54bf95668f0ab0
SHA1

7ac84fae93dc5d2810148ee0bed612bbce8e6db7
SHA256

08926e634a4aef8c0eae60472445b0bba8d1450edb9a16d9af4bc2d610fb08cd
SHA512

029b7a96ba63e6c0e2bba9950f05d9baf44ba0cb4af0aeb271cd1d4651a89870217487d85f783fc97ac9fcbd81c28bb116b09dec4930edbb70de84b31d5aa06c
SSDEEP

12288:xrjoy59SLWy5jy59SL3y59Ey59SLAy59SLZy5iy59SL:xrjoy7oWypy7o3y7Ey7oAy7oZyUy7o

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  08926e634a4aef8c0eae60472445b0bba8d1450edb9a16d9af4bc2d610fb08cdN
- Size
  
  385KB
- MD5
  
  1a1f5febc1f87a361b54bf95668f0ab0
- SHA1
  
  7ac84fae93dc5d2810148ee0bed612bbce8e6db7
- SHA256
  
  08926e634a4aef8c0eae60472445b0bba8d1450edb9a16d9af4bc2d610fb08cd
- SHA512
  
  029b7a96ba63e6c0e2bba9950f05d9baf44ba0cb4af0aeb271cd1d4651a89870217487d85f783fc97ac9fcbd81c28bb116b09dec4930edbb70de84b31d5aa06c
- SSDEEP
  
  12288:xrjoy59SLWy5jy59SL3y59Ey59SLAy59SLZy5iy59SL:xrjoy7oWypy7o3y7Ey7oAy7oZyUy7o
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence