5013bccd5056b0b87d781ca60c7d8dedb5139365b4181ef44e197e9d51303b1f | Triage

Sharing

General

Target

5013bccd5056b0b87d781ca60c7d8dedb5139365b4181ef44e197e9d51303b1f
Size

335KB
Sample

241120-2rzp2swbnr
MD5

fd06736154434b1b34fe058d27c0ddfa
SHA1

b37197367539579fedf0edc8c80f8d7203ef511f
SHA256

5013bccd5056b0b87d781ca60c7d8dedb5139365b4181ef44e197e9d51303b1f
SHA512

23dd138b59f4fc7414a6c90bea3afb00ab9a4df81584bc244126509ea69cda40198b5ebae8bb6c71ea3b4f0f8d96144ae94c233957b182a913788f2f377b8438
SSDEEP

6144:k6DS0tRgR29vLvwU/4qwvwU/4qvvwevwU/4q+vwk/4q7:kotRf

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  5013bccd5056b0b87d781ca60c7d8dedb5139365b4181ef44e197e9d51303b1f
- Size
  
  335KB
- MD5
  
  fd06736154434b1b34fe058d27c0ddfa
- SHA1
  
  b37197367539579fedf0edc8c80f8d7203ef511f
- SHA256
  
  5013bccd5056b0b87d781ca60c7d8dedb5139365b4181ef44e197e9d51303b1f
- SHA512
  
  23dd138b59f4fc7414a6c90bea3afb00ab9a4df81584bc244126509ea69cda40198b5ebae8bb6c71ea3b4f0f8d96144ae94c233957b182a913788f2f377b8438
- SSDEEP
  
  6144:k6DS0tRgR29vLvwU/4qwvwU/4qvvwevwU/4q+vwk/4q7:kotRf
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence