5a0a1d858be025aa79d9816d27916ce6e4fd048cd953200ee38ebb8b8d9beda2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a0a1d858be025aa79d9816d27916ce6e4fd048cd953200ee38ebb8b8d9beda2
Size

8KB
Sample

241013-19n6la1gmh
MD5

743e0c41a550a0e3a088f684f7f2a8df
SHA1

6529c93689d4918fc413287dd9efff62417905ec
SHA256

5a0a1d858be025aa79d9816d27916ce6e4fd048cd953200ee38ebb8b8d9beda2
SHA512

30b792b815d65d93359128ded08227ed31dccc28dc45d76fe2db79ed9a72ba85b3c8ed98bb688360487ffcbe5bf271467e253e9d13c80074658005d22c93dda2
SSDEEP

192:Bh4SFyvWohE5xf6YUBSL63SUJqtMblWN:BO+ohE2B13NJqtM

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  5a0a1d858be025aa79d9816d27916ce6e4fd048cd953200ee38ebb8b8d9beda2
- Size
  
  8KB
- MD5
  
  743e0c41a550a0e3a088f684f7f2a8df
- SHA1
  
  6529c93689d4918fc413287dd9efff62417905ec
- SHA256
  
  5a0a1d858be025aa79d9816d27916ce6e4fd048cd953200ee38ebb8b8d9beda2
- SHA512
  
  30b792b815d65d93359128ded08227ed31dccc28dc45d76fe2db79ed9a72ba85b3c8ed98bb688360487ffcbe5bf271467e253e9d13c80074658005d22c93dda2
- SSDEEP
  
  192:Bh4SFyvWohE5xf6YUBSL63SUJqtMblWN:BO+ohE2B13NJqtM
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence