d1c8d0f6c2497ce1b43b51ba2b8760ae14f17c24b047fe92ed8e4b457d7611ae | Triage

Sharing

General

Target

d1c8d0f6c2497ce1b43b51ba2b8760ae14f17c24b047fe92ed8e4b457d7611aeN.exe
Size

410KB
Sample

241119-thmp5axhqa
MD5

253a0f0082c79cdc968dc58dc90604e0
SHA1

9e7fe659be6d56913203f8da8902d15f89c403bf
SHA256

d1c8d0f6c2497ce1b43b51ba2b8760ae14f17c24b047fe92ed8e4b457d7611ae
SHA512

87855535118135fdf58b3078c99c2a110d0f4f6d48339638ecb9787117bd782d0c03ba97495624436f0b8ba353296044e709bf93ef1dc048955e3d745127437e
SSDEEP

12288:CxIK9V14ImyHY2ty6Lz/irIYUrqe2tig15ob:CJEyYKy6P9rStR14

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  d1c8d0f6c2497ce1b43b51ba2b8760ae14f17c24b047fe92ed8e4b457d7611aeN.exe
- Size
  
  410KB
- MD5
  
  253a0f0082c79cdc968dc58dc90604e0
- SHA1
  
  9e7fe659be6d56913203f8da8902d15f89c403bf
- SHA256
  
  d1c8d0f6c2497ce1b43b51ba2b8760ae14f17c24b047fe92ed8e4b457d7611ae
- SHA512
  
  87855535118135fdf58b3078c99c2a110d0f4f6d48339638ecb9787117bd782d0c03ba97495624436f0b8ba353296044e709bf93ef1dc048955e3d745127437e
- SSDEEP
  
  12288:CxIK9V14ImyHY2ty6Lz/irIYUrqe2tig15ob:CJEyYKy6P9rStR14
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence