dc5b9016611630e6929b0e867ffce0bfa30d004df37f95079a5fb48030b22808 | Triage

Sharing

General

Target

dc5b9016611630e6929b0e867ffce0bfa30d004df37f95079a5fb48030b22808
Size

125KB
Sample

241121-lf87cavqbk
MD5

dafa6bdedfb9a8ed601180ed02411e68
SHA1

857bea7dda6d84fa2518678a10b3aad5276b14fd
SHA256

dc5b9016611630e6929b0e867ffce0bfa30d004df37f95079a5fb48030b22808
SHA512

eb4127b34d07a27ce1c0758ef39dad63d10ae470934134d8a45911544fff3e2aef2a8b5a4064e93d09b81709bc7901b4a0b589ce75b6337ff4e44897b45829f2
SSDEEP

3072:HR4La7FrDfnbQHSHnPon37wtOhcP1WdTCn93OGey/ZhJakrPF:HZFrDfng8nP6VhcgTCndOGeKTaG

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  dc5b9016611630e6929b0e867ffce0bfa30d004df37f95079a5fb48030b22808
- Size
  
  125KB
- MD5
  
  dafa6bdedfb9a8ed601180ed02411e68
- SHA1
  
  857bea7dda6d84fa2518678a10b3aad5276b14fd
- SHA256
  
  dc5b9016611630e6929b0e867ffce0bfa30d004df37f95079a5fb48030b22808
- SHA512
  
  eb4127b34d07a27ce1c0758ef39dad63d10ae470934134d8a45911544fff3e2aef2a8b5a4064e93d09b81709bc7901b4a0b589ce75b6337ff4e44897b45829f2
- SSDEEP
  
  3072:HR4La7FrDfnbQHSHnPon37wtOhcP1WdTCn93OGey/ZhJakrPF:HZFrDfng8nP6VhcgTCndOGeKTaG
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence