8df7076b9c6641007be14fbd3d2bca944047cb3c12c171003f95d3315321b21f | Triage

Sharing

General

Target

8df7076b9c6641007be14fbd3d2bca944047cb3c12c171003f95d3315321b21fN.exe
Size

73KB
Sample

241119-xf8rcszemb
MD5

76a7b4571f5c91a1f54bc6a7e01dd8b0
SHA1

7a2e6bba0eeb0f2302f23325e4eaa9253f518c18
SHA256

8df7076b9c6641007be14fbd3d2bca944047cb3c12c171003f95d3315321b21f
SHA512

6ff807eb2aa497ab71e6360832549714755e6ddceb6bc7da519f255874ccccd23b18081c789996a53bb99dcb3df895a57b04d74a6843db20a83490d3722620c0
SSDEEP

1536:17qvnKhWQtC3Izj6TrlDa2z6Ewd0zvPTQw9LBZR+d8V3zhbg:FqvKztiIzj6xtDLBZR+d8Vj5g

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  8df7076b9c6641007be14fbd3d2bca944047cb3c12c171003f95d3315321b21fN.exe
- Size
  
  73KB
- MD5
  
  76a7b4571f5c91a1f54bc6a7e01dd8b0
- SHA1
  
  7a2e6bba0eeb0f2302f23325e4eaa9253f518c18
- SHA256
  
  8df7076b9c6641007be14fbd3d2bca944047cb3c12c171003f95d3315321b21f
- SHA512
  
  6ff807eb2aa497ab71e6360832549714755e6ddceb6bc7da519f255874ccccd23b18081c789996a53bb99dcb3df895a57b04d74a6843db20a83490d3722620c0
- SSDEEP
  
  1536:17qvnKhWQtC3Izj6TrlDa2z6Ewd0zvPTQw9LBZR+d8V3zhbg:FqvKztiIzj6xtDLBZR+d8Vj5g
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence