de268a1d3aa5eb6cdc7ef989706481ebd6f9ad7175372b1de4b3cd64ee99ae16 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de268a1d3aa5eb6cdc7ef989706481ebd6f9ad7175372b1de4b3cd64ee99ae16N
Size

93KB
Sample

241013-2nnhlssbpf
MD5

9cfde2dc546d875f31885e5b2388c200
SHA1

c9b92720062f9215917fefbeb4aea6cf74717222
SHA256

de268a1d3aa5eb6cdc7ef989706481ebd6f9ad7175372b1de4b3cd64ee99ae16
SHA512

74735637191c9806f426be2569b6e7c9d4d04913d0727b80531e2ce688c02affef84689c193041c52d38e58afa4e11d2644b922f1d4cc18dadc1ba6877875007
SSDEEP

1536:WXwftVYkwxw6vestycsi4SWAC//TG4NIwcQ1MIg5fsaMiwihtIbbpkp:WXwftBwi6ve2sik//TvnR1MR5fdMiwa/

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  de268a1d3aa5eb6cdc7ef989706481ebd6f9ad7175372b1de4b3cd64ee99ae16N
- Size
  
  93KB
- MD5
  
  9cfde2dc546d875f31885e5b2388c200
- SHA1
  
  c9b92720062f9215917fefbeb4aea6cf74717222
- SHA256
  
  de268a1d3aa5eb6cdc7ef989706481ebd6f9ad7175372b1de4b3cd64ee99ae16
- SHA512
  
  74735637191c9806f426be2569b6e7c9d4d04913d0727b80531e2ce688c02affef84689c193041c52d38e58afa4e11d2644b922f1d4cc18dadc1ba6877875007
- SSDEEP
  
  1536:WXwftVYkwxw6vestycsi4SWAC//TG4NIwcQ1MIg5fsaMiwihtIbbpkp:WXwftBwi6ve2sik//TvnR1MR5fdMiwa/
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence