a2b8462bbe2af18d3faad1eaabe8b6af67c0411af94cf354a716371410231d47 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2b8462bbe2af18d3faad1eaabe8b6af67c0411af94cf354a716371410231d47N
Size

56KB
Sample

241009-y5rd2sxfjd
MD5

89fdc88017a75fa3ba18921af250f9b0
SHA1

5d242ea4529f816549623871967cc77af8295b51
SHA256

a2b8462bbe2af18d3faad1eaabe8b6af67c0411af94cf354a716371410231d47
SHA512

ebf3393a2126ccc11c49ddd49511b974219bdf6aea8fff2efa68b19d1f9da268158312ec5aca7589a354e6b1506db23f4d8e98711edfa92c000d05dba0079384
SSDEEP

1536:/uVqwIZHr+bDNxz1tjDbT/qazyQ8/DolP1:FwELkJ/J3/qyy30l

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  a2b8462bbe2af18d3faad1eaabe8b6af67c0411af94cf354a716371410231d47N
- Size
  
  56KB
- MD5
  
  89fdc88017a75fa3ba18921af250f9b0
- SHA1
  
  5d242ea4529f816549623871967cc77af8295b51
- SHA256
  
  a2b8462bbe2af18d3faad1eaabe8b6af67c0411af94cf354a716371410231d47
- SHA512
  
  ebf3393a2126ccc11c49ddd49511b974219bdf6aea8fff2efa68b19d1f9da268158312ec5aca7589a354e6b1506db23f4d8e98711edfa92c000d05dba0079384
- SSDEEP
  
  1536:/uVqwIZHr+bDNxz1tjDbT/qazyQ8/DolP1:FwELkJ/J3/qyy30l
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Server Software Component

Terminal Services DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence