2d1bc1e146a09dd571122d11a290cc9d96c86fa1654b867f0bb760913f27816a | Triage

Sharing

General

Target

2d1bc1e146a09dd571122d11a290cc9d96c86fa1654b867f0bb760913f27816aN.exe
Size

390KB
Sample

241121-km8nqazrby
MD5

ae8a595bbb7e7887272f535a142e91d0
SHA1

c193b947b15ef8e889d1817c3bf0d32ef33e0665
SHA256

2d1bc1e146a09dd571122d11a290cc9d96c86fa1654b867f0bb760913f27816a
SHA512

f8be4177efbe2139815f5003076f6c2034dcc5e811412f6edc874a5de6316fe50a925576b324ea577027cc374343440adab2500044779a00826206b814c4f337
SSDEEP

6144:0d3Pn0M66b+X0RjtdgOPAUvgkNRgdgOPAUvgkG:0lKUngEiM2gEif

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  2d1bc1e146a09dd571122d11a290cc9d96c86fa1654b867f0bb760913f27816aN.exe
- Size
  
  390KB
- MD5
  
  ae8a595bbb7e7887272f535a142e91d0
- SHA1
  
  c193b947b15ef8e889d1817c3bf0d32ef33e0665
- SHA256
  
  2d1bc1e146a09dd571122d11a290cc9d96c86fa1654b867f0bb760913f27816a
- SHA512
  
  f8be4177efbe2139815f5003076f6c2034dcc5e811412f6edc874a5de6316fe50a925576b324ea577027cc374343440adab2500044779a00826206b814c4f337
- SSDEEP
  
  6144:0d3Pn0M66b+X0RjtdgOPAUvgkNRgdgOPAUvgkG:0lKUngEiM2gEif
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence