8443f86e20e6b2bee354959d15091d667db2142aa9d9a66e42fdc6b573a4cc1c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8443f86e20e6b2bee354959d15091d667db2142aa9d9a66e42fdc6b573a4cc1cN
Size

109KB
Sample

241013-v4er3stbpn
MD5

3a806dbf3d0499b772c362fd3919d370
SHA1

327aa6067a2182aef063c621752008a3ae998400
SHA256

8443f86e20e6b2bee354959d15091d667db2142aa9d9a66e42fdc6b573a4cc1c
SHA512

2207dc29394614f3b76ef7bd5cdc3d1531ccf83f2d0110c10ed9fe041f382e5dcbc9bd26639aa6c6c9931498a2158dec45e99ee26276dd5ad465b6885c5ab0ab
SSDEEP

3072:UMKplm9A/rm7RWX7C1b8fo3PXl9Z7S/yCsKh2EzZA/z:qlm9crm7RuC1bgo35e/yCthvUz

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8443f86e20e6b2bee354959d15091d667db2142aa9d9a66e42fdc6b573a4cc1cN
- Size
  
  109KB
- MD5
  
  3a806dbf3d0499b772c362fd3919d370
- SHA1
  
  327aa6067a2182aef063c621752008a3ae998400
- SHA256
  
  8443f86e20e6b2bee354959d15091d667db2142aa9d9a66e42fdc6b573a4cc1c
- SHA512
  
  2207dc29394614f3b76ef7bd5cdc3d1531ccf83f2d0110c10ed9fe041f382e5dcbc9bd26639aa6c6c9931498a2158dec45e99ee26276dd5ad465b6885c5ab0ab
- SSDEEP
  
  3072:UMKplm9A/rm7RWX7C1b8fo3PXl9Z7S/yCsKh2EzZA/z:qlm9crm7RuC1bgo35e/yCthvUz
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence