aeaa6d5c4ddc186442bd3976c70e4467cf48617dd9263ee4b1f79eb2146680fe | Triage

Sharing

General

Target

aeaa6d5c4ddc186442bd3976c70e4467cf48617dd9263ee4b1f79eb2146680feN.exe
Size

377KB
Sample

241120-af42vawgmn
MD5

fd9c05b24a812ab866541ec4c8c9e350
SHA1

577f4c4e091e0251070e330d9785df95d794570f
SHA256

aeaa6d5c4ddc186442bd3976c70e4467cf48617dd9263ee4b1f79eb2146680fe
SHA512

a60c499a9a321059a2af5fc83dc5e75c026c5291041a548dfd8488acbe67dc46f890dd815041c51e0a5998e6e3330be32e67695283b14fee0db70917c926d273
SSDEEP

3072:KOuZBphcREhpNl5ecz7RAxFKUXCt8/zAIo92VGiK/zAIC588:KdZBKEhpNl5fKx/SgnohignC5V

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  aeaa6d5c4ddc186442bd3976c70e4467cf48617dd9263ee4b1f79eb2146680feN.exe
- Size
  
  377KB
- MD5
  
  fd9c05b24a812ab866541ec4c8c9e350
- SHA1
  
  577f4c4e091e0251070e330d9785df95d794570f
- SHA256
  
  aeaa6d5c4ddc186442bd3976c70e4467cf48617dd9263ee4b1f79eb2146680fe
- SHA512
  
  a60c499a9a321059a2af5fc83dc5e75c026c5291041a548dfd8488acbe67dc46f890dd815041c51e0a5998e6e3330be32e67695283b14fee0db70917c926d273
- SSDEEP
  
  3072:KOuZBphcREhpNl5ecz7RAxFKUXCt8/zAIo92VGiK/zAIC588:KdZBKEhpNl5fKx/SgnohignC5V
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence