05de2613a9ba5c1634afe6cf62b3795197e669c362313ec695db15a499b4f7a5 | Triage

Sharing

General

Target

05de2613a9ba5c1634afe6cf62b3795197e669c362313ec695db15a499b4f7a5
Size

470KB
Sample

241120-x5lccs1fjg
MD5

f59f2004623411f5218790a76c7d08db
SHA1

bcf0d021dcb5b347daec9a90c2f85db7236dd52b
SHA256

05de2613a9ba5c1634afe6cf62b3795197e669c362313ec695db15a499b4f7a5
SHA512

2d91f50b75d8dc74c1a222b25339333b4f82d832813fb4a84ef2e658aa13476f4d3eb1fa9192525691f7088035feeacf4cae43637c3c489a5229925afad00390
SSDEEP

12288:/zlfyxODpb/Qc8QVj94nLiFzN3b7CUq1u2ztB1XQKTQInqyS6Rm6TIJ3l7DurTGG:/zlqO4

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  05de2613a9ba5c1634afe6cf62b3795197e669c362313ec695db15a499b4f7a5
- Size
  
  470KB
- MD5
  
  f59f2004623411f5218790a76c7d08db
- SHA1
  
  bcf0d021dcb5b347daec9a90c2f85db7236dd52b
- SHA256
  
  05de2613a9ba5c1634afe6cf62b3795197e669c362313ec695db15a499b4f7a5
- SHA512
  
  2d91f50b75d8dc74c1a222b25339333b4f82d832813fb4a84ef2e658aa13476f4d3eb1fa9192525691f7088035feeacf4cae43637c3c489a5229925afad00390
- SSDEEP
  
  12288:/zlfyxODpb/Qc8QVj94nLiFzN3b7CUq1u2ztB1XQKTQInqyS6Rm6TIJ3l7DurTGG:/zlqO4
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence