02e8e75a69c222f69492118ec83ddf103e4a0f270f2015e7eefda02d0b66adad | Triage

Sharing

General

Target

02e8e75a69c222f69492118ec83ddf103e4a0f270f2015e7eefda02d0b66adad
Size

443KB
Sample

241121-xz16mavpg1
MD5

c331c31f4bfae0b46babb91fd290525d
SHA1

aa28a8c9d6a4c6c00da3e76d6c713c703a9bcb56
SHA256

02e8e75a69c222f69492118ec83ddf103e4a0f270f2015e7eefda02d0b66adad
SHA512

24ae0501994308915fc1de8078e19cf04facbcebf349987b3e781d93c69a99267fa89e817f3e84d9daaefa7680e23643915a6aae650c4ec7f96d636d516021cf
SSDEEP

6144:Jyk9c7zeXmRL13n4GAI13n4GAvs0PEpNF0pNO021fv13n4GA3uKjwszeXmOEgHiC:YR1J1HJ1Uj+HiPjW

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  02e8e75a69c222f69492118ec83ddf103e4a0f270f2015e7eefda02d0b66adad
- Size
  
  443KB
- MD5
  
  c331c31f4bfae0b46babb91fd290525d
- SHA1
  
  aa28a8c9d6a4c6c00da3e76d6c713c703a9bcb56
- SHA256
  
  02e8e75a69c222f69492118ec83ddf103e4a0f270f2015e7eefda02d0b66adad
- SHA512
  
  24ae0501994308915fc1de8078e19cf04facbcebf349987b3e781d93c69a99267fa89e817f3e84d9daaefa7680e23643915a6aae650c4ec7f96d636d516021cf
- SSDEEP
  
  6144:Jyk9c7zeXmRL13n4GAI13n4GAvs0PEpNF0pNO021fv13n4GA3uKjwszeXmOEgHiC:YR1J1HJ1Uj+HiPjW
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence