2093ed497fb33184f92118cd71c5079b64cd7a7752a0cd4279b622b6dffddcbc | Triage

Sharing

General

Target

2093ed497fb33184f92118cd71c5079b64cd7a7752a0cd4279b622b6dffddcbc
Size

400KB
Sample

241121-y9abbs1phr
MD5

cfc426da35864c53c86539c3ef172900
SHA1

3a1ba73e766f25f778a1754c36bd3cdb7c0a124e
SHA256

2093ed497fb33184f92118cd71c5079b64cd7a7752a0cd4279b622b6dffddcbc
SHA512

e30780ca3b971e36d7f9feb4fcf9aa54186225f8ab487ab90db3f7901a2ec0d5daa409580ac37791201aa1f339f284d3e36c8d93c2982352ed862ca78504a9b1
SSDEEP

12288:qqs18Z7WOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO/OOyOOOOOOOOmOOObOOrOOc:YQrgryvQa2kj

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  2093ed497fb33184f92118cd71c5079b64cd7a7752a0cd4279b622b6dffddcbc
- Size
  
  400KB
- MD5
  
  cfc426da35864c53c86539c3ef172900
- SHA1
  
  3a1ba73e766f25f778a1754c36bd3cdb7c0a124e
- SHA256
  
  2093ed497fb33184f92118cd71c5079b64cd7a7752a0cd4279b622b6dffddcbc
- SHA512
  
  e30780ca3b971e36d7f9feb4fcf9aa54186225f8ab487ab90db3f7901a2ec0d5daa409580ac37791201aa1f339f284d3e36c8d93c2982352ed862ca78504a9b1
- SSDEEP
  
  12288:qqs18Z7WOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO/OOyOOOOOOOOmOOObOOrOOc:YQrgryvQa2kj
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence