ea293d0be7e8e4326255b836b27643172be19d8d56c3c451905057b275278929 | Triage

Sharing

General

Target

ea293d0be7e8e4326255b836b27643172be19d8d56c3c451905057b275278929
Size

3.0MB
Sample

241119-qe8lmsxbrr
MD5

48ee0900f165fe01403d88935b479887
SHA1

a1d7ab510ede9fdd927459eddb7c2e2b444ca913
SHA256

ea293d0be7e8e4326255b836b27643172be19d8d56c3c451905057b275278929
SHA512

2c103b9986f08ae4741cb2cf83bb2ff0743b8ab9c94e8df8c67bb292ded6f2809548d139f67bfb5257c3341bcb2c1e28e29484ee9c9b815194d1d5b58dbe5c95
SSDEEP

49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LBy9w4SLDtnkgXL35xZz:+R0pI/IQlUoMPdmpSpg4ADtnkgvN

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  ea293d0be7e8e4326255b836b27643172be19d8d56c3c451905057b275278929
- Size
  
  3.0MB
- MD5
  
  48ee0900f165fe01403d88935b479887
- SHA1
  
  a1d7ab510ede9fdd927459eddb7c2e2b444ca913
- SHA256
  
  ea293d0be7e8e4326255b836b27643172be19d8d56c3c451905057b275278929
- SHA512
  
  2c103b9986f08ae4741cb2cf83bb2ff0743b8ab9c94e8df8c67bb292ded6f2809548d139f67bfb5257c3341bcb2c1e28e29484ee9c9b815194d1d5b58dbe5c95
- SSDEEP
  
  49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LBy9w4SLDtnkgXL35xZz:+R0pI/IQlUoMPdmpSpg4ADtnkgvN
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence