3f9dd394d52a2bb5e621e807ea3a7d562da2c9486a57b1ac5c2e10250748e02b | Triage

Sharing

General

Target

3f9dd394d52a2bb5e621e807ea3a7d562da2c9486a57b1ac5c2e10250748e02b
Size

376KB
Sample

241009-y5bzcsxerd
MD5

7d1f1d7de3aa307b4fb9de6cafaf7842
SHA1

7f97513ed07e5802a919a3a67dfb1868d34fec9c
SHA256

3f9dd394d52a2bb5e621e807ea3a7d562da2c9486a57b1ac5c2e10250748e02b
SHA512

56cec8460e90f4a48f0e37ba2339e0307e649594e2598ac8a530ff7c3e71a8dcb69aedba841f72d8330f06e2b2c568d25353c27a60a0303cec1703d83c6c9fb4
SSDEEP

6144:SSy9P3C7oQ0IV/Atl/AtW1OE43V1+25CzRoQ0Ibl4HdE43V1+2:oa50I2mi4lCzb0IF4

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  3f9dd394d52a2bb5e621e807ea3a7d562da2c9486a57b1ac5c2e10250748e02b
- Size
  
  376KB
- MD5
  
  7d1f1d7de3aa307b4fb9de6cafaf7842
- SHA1
  
  7f97513ed07e5802a919a3a67dfb1868d34fec9c
- SHA256
  
  3f9dd394d52a2bb5e621e807ea3a7d562da2c9486a57b1ac5c2e10250748e02b
- SHA512
  
  56cec8460e90f4a48f0e37ba2339e0307e649594e2598ac8a530ff7c3e71a8dcb69aedba841f72d8330f06e2b2c568d25353c27a60a0303cec1703d83c6c9fb4
- SSDEEP
  
  6144:SSy9P3C7oQ0IV/Atl/AtW1OE43V1+25CzRoQ0Ibl4HdE43V1+2:oa50I2mi4lCzb0IF4
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence