4fb6bf2009ec3c3cf3bdc0d441513e0575a6f667c5fccd087ab6d8e338e7fa0f | Triage

Sharing

General

Target

4fb6bf2009ec3c3cf3bdc0d441513e0575a6f667c5fccd087ab6d8e338e7fa0f
Size

304KB
Sample

241121-3z4jmswmhl
MD5

88d516a33a84d397537d8409230e133d
SHA1

2bc3602364062dcb5fe92a297aafecbb2700e9bf
SHA256

4fb6bf2009ec3c3cf3bdc0d441513e0575a6f667c5fccd087ab6d8e338e7fa0f
SHA512

5c4d01568b15a2b3fabe3ca75bc7655497995ed531361fca0f3c244ecba1e2d76cf0847f6aefe9a422496f4e9efa1e0547b26ce14d95a5f3f8e75d8ac3a9dcdd
SSDEEP

6144:0fdvIpuHcO7JfnrFVoXJtpNr1RgAaa6FlFlcOuLr2/24qXPAbgPBFpYrFVO/fnre:IJfnYdsWfna

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  4fb6bf2009ec3c3cf3bdc0d441513e0575a6f667c5fccd087ab6d8e338e7fa0f
- Size
  
  304KB
- MD5
  
  88d516a33a84d397537d8409230e133d
- SHA1
  
  2bc3602364062dcb5fe92a297aafecbb2700e9bf
- SHA256
  
  4fb6bf2009ec3c3cf3bdc0d441513e0575a6f667c5fccd087ab6d8e338e7fa0f
- SHA512
  
  5c4d01568b15a2b3fabe3ca75bc7655497995ed531361fca0f3c244ecba1e2d76cf0847f6aefe9a422496f4e9efa1e0547b26ce14d95a5f3f8e75d8ac3a9dcdd
- SSDEEP
  
  6144:0fdvIpuHcO7JfnrFVoXJtpNr1RgAaa6FlFlcOuLr2/24qXPAbgPBFpYrFVO/fnre:IJfnYdsWfna
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence