287db9fe60e737cd86dff8942db62528dbb0fd5ba9d5c782ed28c07b70fc9268 | Triage

Sharing

General

Target

287db9fe60e737cd86dff8942db62528dbb0fd5ba9d5c782ed28c07b70fc9268N.exe
Size

8KB
Sample

241119-rksytawqfw
MD5

bcf7f645364be42edeceeb24fcd36a20
SHA1

99a4d2018752b6563a4b2c14ea39441acc217d32
SHA256

287db9fe60e737cd86dff8942db62528dbb0fd5ba9d5c782ed28c07b70fc9268
SHA512

2e2afa21bb2d1607fa8848f3947cd6bec0aa9a72c3dcc5fd4626dfd3ae72b202bad3d6ab225d1c36eb23dce5afebfb1f14625398294c550550247a29746f1737
SSDEEP

192:0h4SFyvWohE5xf6YUBSL63SUJqtMblWN:0O+ohE2B13NJqtM

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  287db9fe60e737cd86dff8942db62528dbb0fd5ba9d5c782ed28c07b70fc9268N.exe
- Size
  
  8KB
- MD5
  
  bcf7f645364be42edeceeb24fcd36a20
- SHA1
  
  99a4d2018752b6563a4b2c14ea39441acc217d32
- SHA256
  
  287db9fe60e737cd86dff8942db62528dbb0fd5ba9d5c782ed28c07b70fc9268
- SHA512
  
  2e2afa21bb2d1607fa8848f3947cd6bec0aa9a72c3dcc5fd4626dfd3ae72b202bad3d6ab225d1c36eb23dce5afebfb1f14625398294c550550247a29746f1737
- SSDEEP
  
  192:0h4SFyvWohE5xf6YUBSL63SUJqtMblWN:0O+ohE2B13NJqtM
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence