32db3d51853af03e7730a387737ffcd9571b1a8344605fb543429b7ee1b644a3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32db3d51853af03e7730a387737ffcd9571b1a8344605fb543429b7ee1b644a3N
Size

125KB
Sample

241013-kzhcassgpm
MD5

69d623f265d06a935c9773fbe1ab5330
SHA1

2afc9e64fb5a7e22f87628271c1be98d6fcaa57e
SHA256

32db3d51853af03e7730a387737ffcd9571b1a8344605fb543429b7ee1b644a3
SHA512

9e14a169edf551283e0c83246767daaee61f5ac9dc74e975ad6a034e077d975ec313a25f25de6d4580e4a0da6db5123b0ab50d64f4540deb94bfef6e44738a3e
SSDEEP

3072:xjtUjgwBOI8oWMcqnEAsHzhFcQ1WdTCn93OGey/ZhJakrPF:pm3cqSThFcPTCndOGeKTaG

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  32db3d51853af03e7730a387737ffcd9571b1a8344605fb543429b7ee1b644a3N
- Size
  
  125KB
- MD5
  
  69d623f265d06a935c9773fbe1ab5330
- SHA1
  
  2afc9e64fb5a7e22f87628271c1be98d6fcaa57e
- SHA256
  
  32db3d51853af03e7730a387737ffcd9571b1a8344605fb543429b7ee1b644a3
- SHA512
  
  9e14a169edf551283e0c83246767daaee61f5ac9dc74e975ad6a034e077d975ec313a25f25de6d4580e4a0da6db5123b0ab50d64f4540deb94bfef6e44738a3e
- SSDEEP
  
  3072:xjtUjgwBOI8oWMcqnEAsHzhFcQ1WdTCn93OGey/ZhJakrPF:pm3cqSThFcPTCndOGeKTaG
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence