1ef2d80e1e6a36e9a286a6d6b4ed06b9fb25b79c4c38c97dbf296cd572e5e69a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ef2d80e1e6a36e9a286a6d6b4ed06b9fb25b79c4c38c97dbf296cd572e5e69a
Size

49KB
Sample

241014-x3zrzawbpk
MD5

4bc523a9f3fd689605712d48d313d343
SHA1

55d36351276a55cfa5ea0c5bd72b3ea7ea8c437e
SHA256

1ef2d80e1e6a36e9a286a6d6b4ed06b9fb25b79c4c38c97dbf296cd572e5e69a
SHA512

a2a6c27f6df60d3ae864143c69f192a1be02e5cd4eebe439d438bba24dd6b8a8af33416dbe02724af73b1d3448dd173784e5247495950477e82f07d559fa4937
SSDEEP

1536:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYVFl2g5u58dO0xXHQEyYfdhNhFO5h3xhIC:+MA6C1VqaqhtgVRNToV7TtRu8rM0wYVM

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  1ef2d80e1e6a36e9a286a6d6b4ed06b9fb25b79c4c38c97dbf296cd572e5e69a
- Size
  
  49KB
- MD5
  
  4bc523a9f3fd689605712d48d313d343
- SHA1
  
  55d36351276a55cfa5ea0c5bd72b3ea7ea8c437e
- SHA256
  
  1ef2d80e1e6a36e9a286a6d6b4ed06b9fb25b79c4c38c97dbf296cd572e5e69a
- SHA512
  
  a2a6c27f6df60d3ae864143c69f192a1be02e5cd4eebe439d438bba24dd6b8a8af33416dbe02724af73b1d3448dd173784e5247495950477e82f07d559fa4937
- SSDEEP
  
  1536:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYVFl2g5u58dO0xXHQEyYfdhNhFO5h3xhIC:+MA6C1VqaqhtgVRNToV7TtRu8rM0wYVM
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence