d94facd091b7ebb543f0f238d906e7025c934e9d2d16477544d466869cf61805 | Triage

Sharing

General

Target

d94facd091b7ebb543f0f238d906e7025c934e9d2d16477544d466869cf61805N
Size

78KB
Sample

241031-kabs8avcmb
MD5

e3c6a72724521355badcb3fdbf810590
SHA1

7f26b298349bd3c5d7eabd6b57bb55b03dc525e3
SHA256

d94facd091b7ebb543f0f238d906e7025c934e9d2d16477544d466869cf61805
SHA512

aa4ba0124c767475d485c61a9ed57da3018eb87ba595ccce546b0f9616e6829dec66cb23b2c56d1b77761e4ab36b9ee4a3a4c3a404ca1c59ee2ed4ec8dc0650c
SSDEEP

1536:M5pC/9sE5iNLjZlonFOnsmFRXOf1oiVvN+zL20gJi1ie:M5pCAh9lbs0XOiiVvgzL20WKt

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d94facd091b7ebb543f0f238d906e7025c934e9d2d16477544d466869cf61805N
- Size
  
  78KB
- MD5
  
  e3c6a72724521355badcb3fdbf810590
- SHA1
  
  7f26b298349bd3c5d7eabd6b57bb55b03dc525e3
- SHA256
  
  d94facd091b7ebb543f0f238d906e7025c934e9d2d16477544d466869cf61805
- SHA512
  
  aa4ba0124c767475d485c61a9ed57da3018eb87ba595ccce546b0f9616e6829dec66cb23b2c56d1b77761e4ab36b9ee4a3a4c3a404ca1c59ee2ed4ec8dc0650c
- SSDEEP
  
  1536:M5pC/9sE5iNLjZlonFOnsmFRXOf1oiVvN+zL20gJi1ie:M5pCAh9lbs0XOiiVvgzL20WKt
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence