8c169d83907d5dc0296722a03c46f3644b1233c6c417804bbf6d04d6701374e8 | Triage

Sharing

General

Target

8c169d83907d5dc0296722a03c46f3644b1233c6c417804bbf6d04d6701374e8N
Size

89KB
Sample

241014-q4lheaybke
MD5

a0a22b32e1021aa026d6691b36db9f50
SHA1

ec96af9fa72970c6aabc9779844b9f07ad383a9b
SHA256

8c169d83907d5dc0296722a03c46f3644b1233c6c417804bbf6d04d6701374e8
SHA512

f9523cf3441166169910462c8668fccd6b6ef58f08117ef004f18487258210690577aee70fa2ecbf45a594cae44b4e359f28b9c52ce78f3b35d15e1ff02eb062
SSDEEP

1536:2dkLtzpqWNRKuPjaayBS99ca7R/1ZWIqxjkxcvlExkg8F:rLt15jaCya70IqF4cvlakgw

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8c169d83907d5dc0296722a03c46f3644b1233c6c417804bbf6d04d6701374e8N
- Size
  
  89KB
- MD5
  
  a0a22b32e1021aa026d6691b36db9f50
- SHA1
  
  ec96af9fa72970c6aabc9779844b9f07ad383a9b
- SHA256
  
  8c169d83907d5dc0296722a03c46f3644b1233c6c417804bbf6d04d6701374e8
- SHA512
  
  f9523cf3441166169910462c8668fccd6b6ef58f08117ef004f18487258210690577aee70fa2ecbf45a594cae44b4e359f28b9c52ce78f3b35d15e1ff02eb062
- SSDEEP
  
  1536:2dkLtzpqWNRKuPjaayBS99ca7R/1ZWIqxjkxcvlExkg8F:rLt15jaCya70IqF4cvlakgw
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence