94c1ac5968aa8b9b843d5454a9fbb02d50ca6bee8fbee69f7e3385e47a0c8482 | Triage

Sharing

General

Target

94c1ac5968aa8b9b843d5454a9fbb02d50ca6bee8fbee69f7e3385e47a0c8482N
Size

1.2MB
Sample

241012-z94evawflm
MD5

ea675af893c30c0f501951c1a3c20c10
SHA1

f72a956e486c2464e1786468242768aac244c9ef
SHA256

94c1ac5968aa8b9b843d5454a9fbb02d50ca6bee8fbee69f7e3385e47a0c8482
SHA512

b0267edccd9df7269a60de1826f028ba2d0999e7cdb4f4e4cf0ebccd549e58e0adb58787fb98cbe3cf1488ef359ff23a260200332a193383dd646d62eb585e07
SSDEEP

24576:dgu5YyCtCCm0BmmvFimm00h2kkkkK4kXkkkkkkkkhLX3a20R0v50+YR:dgu5RCtCmizbazR0vk

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  94c1ac5968aa8b9b843d5454a9fbb02d50ca6bee8fbee69f7e3385e47a0c8482N
- Size
  
  1.2MB
- MD5
  
  ea675af893c30c0f501951c1a3c20c10
- SHA1
  
  f72a956e486c2464e1786468242768aac244c9ef
- SHA256
  
  94c1ac5968aa8b9b843d5454a9fbb02d50ca6bee8fbee69f7e3385e47a0c8482
- SHA512
  
  b0267edccd9df7269a60de1826f028ba2d0999e7cdb4f4e4cf0ebccd549e58e0adb58787fb98cbe3cf1488ef359ff23a260200332a193383dd646d62eb585e07
- SSDEEP
  
  24576:dgu5YyCtCCm0BmmvFimm00h2kkkkK4kXkkkkkkkkhLX3a20R0v50+YR:dgu5RCtCmizbazR0vk
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence