3a1fdd0476ea792b3d9a858d5b2ff758d75195953e836bcaab5fec66e159b3e7 | Triage

Sharing

General

Target

3a1fdd0476ea792b3d9a858d5b2ff758d75195953e836bcaab5fec66e159b3e7.exe
Size

385KB
Sample

241121-bvc3caxnbw
MD5

7c5fcfaf0fd5410c83779e34f9540ea4
SHA1

6007fdd61e381cda61ab51531938860e7d0d104a
SHA256

3a1fdd0476ea792b3d9a858d5b2ff758d75195953e836bcaab5fec66e159b3e7
SHA512

6ca3454a707efcce748860d5eaba3abdaa091a014ed7e16c8e81b00cd4176207c558708cd922eb239354135ba1142df62a3a6301f3d8551089bde934a2067883
SSDEEP

12288:ciMY+y59SLWy5jy59SL3y59Ey59SLAy59SLZy5iy59SL1:cTy7oWypy7o3y7Ey7oAy7oZyUy7o1

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  3a1fdd0476ea792b3d9a858d5b2ff758d75195953e836bcaab5fec66e159b3e7.exe
- Size
  
  385KB
- MD5
  
  7c5fcfaf0fd5410c83779e34f9540ea4
- SHA1
  
  6007fdd61e381cda61ab51531938860e7d0d104a
- SHA256
  
  3a1fdd0476ea792b3d9a858d5b2ff758d75195953e836bcaab5fec66e159b3e7
- SHA512
  
  6ca3454a707efcce748860d5eaba3abdaa091a014ed7e16c8e81b00cd4176207c558708cd922eb239354135ba1142df62a3a6301f3d8551089bde934a2067883
- SSDEEP
  
  12288:ciMY+y59SLWy5jy59SL3y59Ey59SLAy59SLZy5iy59SL1:cTy7oWypy7o3y7Ey7oAy7oZyUy7o1
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence