e883ac08895aef5efb1814c9f353862958f7b729c0f22e8a2679dae4d5c3981d | Triage

Sharing

General

Target

e883ac08895aef5efb1814c9f353862958f7b729c0f22e8a2679dae4d5c3981d.exe
Size

482KB
Sample

241120-alsk1awcqa
MD5

89bc836e80f9b3a67161666c61dee440
SHA1

659f419f99f7a0bed0855e08af9edade7f9960ba
SHA256

e883ac08895aef5efb1814c9f353862958f7b729c0f22e8a2679dae4d5c3981d
SHA512

581d55792b2dbb3d4fae8333a15388270bee9ea6d7aaebb4a272c23b8413edc699e0591dfdb394dd34f2d2d136833e4e6c7ea5890024ed193a4810cd29f4f0c5
SSDEEP

6144:rAUn8HEfU/ILl+wGXAF2PbgKLVGFM6234lKm3mo8Yvi4KsLTFM6234lKm3W:rAOLMwGXAF5KLVGFB24lwR45FB24lQ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  e883ac08895aef5efb1814c9f353862958f7b729c0f22e8a2679dae4d5c3981d.exe
- Size
  
  482KB
- MD5
  
  89bc836e80f9b3a67161666c61dee440
- SHA1
  
  659f419f99f7a0bed0855e08af9edade7f9960ba
- SHA256
  
  e883ac08895aef5efb1814c9f353862958f7b729c0f22e8a2679dae4d5c3981d
- SHA512
  
  581d55792b2dbb3d4fae8333a15388270bee9ea6d7aaebb4a272c23b8413edc699e0591dfdb394dd34f2d2d136833e4e6c7ea5890024ed193a4810cd29f4f0c5
- SSDEEP
  
  6144:rAUn8HEfU/ILl+wGXAF2PbgKLVGFM6234lKm3mo8Yvi4KsLTFM6234lKm3W:rAOLMwGXAF5KLVGFB24lwR45FB24lQ
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence