95d5e3142ae17b0900625bfd9319e7cb330225c6bc7616f3f6c5d02fdf1a0b8e | Triage

Sharing

General

Target

95d5e3142ae17b0900625bfd9319e7cb330225c6bc7616f3f6c5d02fdf1a0b8eN
Size

275KB
Sample

241013-neqdysycpj
MD5

9b1b9102b86f935027ceeb1bfb2633c0
SHA1

104115ef07dae3c59d28643ded1729498239fe44
SHA256

95d5e3142ae17b0900625bfd9319e7cb330225c6bc7616f3f6c5d02fdf1a0b8e
SHA512

27f02bc2a23b8c1726e0e14340139963aad6768e483b7d39b658457db72d9e4148b5cef1ff1ef087aff6150231a878fdc98a82b5655970f4f92a3af4a7c7e1c8
SSDEEP

6144:nA/kqzFjgSgzL2V4cpC0L4AY7YWT63cpC0L4f:n2kqhML2/p9i7drp9S

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  95d5e3142ae17b0900625bfd9319e7cb330225c6bc7616f3f6c5d02fdf1a0b8eN
- Size
  
  275KB
- MD5
  
  9b1b9102b86f935027ceeb1bfb2633c0
- SHA1
  
  104115ef07dae3c59d28643ded1729498239fe44
- SHA256
  
  95d5e3142ae17b0900625bfd9319e7cb330225c6bc7616f3f6c5d02fdf1a0b8e
- SHA512
  
  27f02bc2a23b8c1726e0e14340139963aad6768e483b7d39b658457db72d9e4148b5cef1ff1ef087aff6150231a878fdc98a82b5655970f4f92a3af4a7c7e1c8
- SSDEEP
  
  6144:nA/kqzFjgSgzL2V4cpC0L4AY7YWT63cpC0L4f:n2kqhML2/p9i7drp9S
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence