08d7db5314eeed7f54326a31fd9de8db2a4a51fb7de30c137b70baf1c056e8b5 | Triage

Sharing

General

Target

08d7db5314eeed7f54326a31fd9de8db2a4a51fb7de30c137b70baf1c056e8b5
Size

28KB
Sample

241014-wz9bkatbkk
MD5

3e583159e3711042da793a543313489a
SHA1

b8da2c5a041c043ce8ca9c12566ad9cf273388ab
SHA256

08d7db5314eeed7f54326a31fd9de8db2a4a51fb7de30c137b70baf1c056e8b5
SHA512

1f49127776487bbe1426a3ca2b677a05e9cb9d0d6a65d2e88fd3ca8a19d4ff6937a676df688f78a0ac09016e75867e620c4ce3e9ea044117b754a9174d4b3320
SSDEEP

384:aJ7Kn4xBYOmluYNMY0YuImTyPNe9/BZvo+wx:Ejk0YuIYB93vo+

Score

8^/10

defense_evasion discovery persistence

Malware Config

Targets

- Target
  
  08d7db5314eeed7f54326a31fd9de8db2a4a51fb7de30c137b70baf1c056e8b5
- Size
  
  28KB
- MD5
  
  3e583159e3711042da793a543313489a
- SHA1
  
  b8da2c5a041c043ce8ca9c12566ad9cf273388ab
- SHA256
  
  08d7db5314eeed7f54326a31fd9de8db2a4a51fb7de30c137b70baf1c056e8b5
- SHA512
  
  1f49127776487bbe1426a3ca2b677a05e9cb9d0d6a65d2e88fd3ca8a19d4ff6937a676df688f78a0ac09016e75867e620c4ce3e9ea044117b754a9174d4b3320
- SSDEEP
  
  384:aJ7Kn4xBYOmluYNMY0YuImTyPNe9/BZvo+wx:Ejk0YuIYB93vo+
Score

8^/10

defense_evasion discovery persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Indicator Removal

File Deletion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistence

behavioral2

defense_evasiondiscoverypersistence