342ae31ca04374f4001ef64d369ededcc284d1bef929c743d2c8c3a83f697669 | Triage

Sharing

General

Target

342ae31ca04374f4001ef64d369ededcc284d1bef929c743d2c8c3a83f697669
Size

93KB
Sample

241013-zh23pssanl
MD5

b6bf527b2eb05126deca15d32e051734
SHA1

e93dfb5ebb0147795637342c91dd2f7b3c51f6be
SHA256

342ae31ca04374f4001ef64d369ededcc284d1bef929c743d2c8c3a83f697669
SHA512

d74fe4567ee33b1c2c4df3be08a868ef007ff551737cf5a7cae4d0f7db5e0862dff99e8da1c305d4aa826665cf5eea3304d54af45ff7f4831aa1d3578f9a34a4
SSDEEP

1536:+T6a/V8CWiEqlwKq9S6mtf9xgIcz7lDhtbrtpXgg15ntsaMiwihtIbbpkp:+B8CWBqqKq86mvWtJDLXgY5tdMiwaIbq

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  342ae31ca04374f4001ef64d369ededcc284d1bef929c743d2c8c3a83f697669
- Size
  
  93KB
- MD5
  
  b6bf527b2eb05126deca15d32e051734
- SHA1
  
  e93dfb5ebb0147795637342c91dd2f7b3c51f6be
- SHA256
  
  342ae31ca04374f4001ef64d369ededcc284d1bef929c743d2c8c3a83f697669
- SHA512
  
  d74fe4567ee33b1c2c4df3be08a868ef007ff551737cf5a7cae4d0f7db5e0862dff99e8da1c305d4aa826665cf5eea3304d54af45ff7f4831aa1d3578f9a34a4
- SSDEEP
  
  1536:+T6a/V8CWiEqlwKq9S6mtf9xgIcz7lDhtbrtpXgg15ntsaMiwihtIbbpkp:+B8CWBqqKq86mvWtJDLXgY5tdMiwaIbq
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence