c27f9f4ac7cbf89e28ab286d3719a01e44d48de46d2762a54e62572933172c0e | Triage

Sharing

General

Target

c27f9f4ac7cbf89e28ab286d3719a01e44d48de46d2762a54e62572933172c0eN
Size

89KB
Sample

241012-b3h9bswamc
MD5

a438ee3ac40044a3d057e94c12560bd0
SHA1

19b9cb50726b5702852bac8b3183184faf569ddd
SHA256

c27f9f4ac7cbf89e28ab286d3719a01e44d48de46d2762a54e62572933172c0e
SHA512

5fb351769ecc9aaae11a3bade6f9ace084f5388b3ae987904472f1d41c09386f33423893a4ba567283f4b0263d6d200b555f3fd27577128dacc7a06d436ee59c
SSDEEP

1536:/4T4mFoR0kxpH0GWAEA3P6CEZ/cqef9Tc/lExkg8Fk:wcIoR3xCmN3CCQ/Def9Tc/lakgwk

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c27f9f4ac7cbf89e28ab286d3719a01e44d48de46d2762a54e62572933172c0eN
- Size
  
  89KB
- MD5
  
  a438ee3ac40044a3d057e94c12560bd0
- SHA1
  
  19b9cb50726b5702852bac8b3183184faf569ddd
- SHA256
  
  c27f9f4ac7cbf89e28ab286d3719a01e44d48de46d2762a54e62572933172c0e
- SHA512
  
  5fb351769ecc9aaae11a3bade6f9ace084f5388b3ae987904472f1d41c09386f33423893a4ba567283f4b0263d6d200b555f3fd27577128dacc7a06d436ee59c
- SSDEEP
  
  1536:/4T4mFoR0kxpH0GWAEA3P6CEZ/cqef9Tc/lExkg8Fk:wcIoR3xCmN3CCQ/Def9Tc/lakgwk
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence