64d66c26027d9e94e1e4f442b0c735c1cd6ed9bed52275c795db4faf115aa2c1 | Triage

Sharing

General

Target

64d66c26027d9e94e1e4f442b0c735c1cd6ed9bed52275c795db4faf115aa2c1
Size

1.1MB
Sample

241122-aqtzmawqcp
MD5

afddef319dd16501db0822e00a1a9d23
SHA1

f17ba0b05ca1a9d609bd91ab9ffed9b9717e10da
SHA256

64d66c26027d9e94e1e4f442b0c735c1cd6ed9bed52275c795db4faf115aa2c1
SHA512

a3b20f138b540f18ec7caadab752cecbe3b8bf9506fb80a949a01f0376375bc5fde7390d6ee50357ce9c70cd29e5af77ebf25c8e19804e86675a8251c7869c00
SSDEEP

12288:KvDUJxMPrQg5Z/+zrWAIAqWim/+zrWAI5KFukEyDucEQX:KvDUJx2rQg5ZmvFimm0HkEyDucEQX

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  64d66c26027d9e94e1e4f442b0c735c1cd6ed9bed52275c795db4faf115aa2c1
- Size
  
  1.1MB
- MD5
  
  afddef319dd16501db0822e00a1a9d23
- SHA1
  
  f17ba0b05ca1a9d609bd91ab9ffed9b9717e10da
- SHA256
  
  64d66c26027d9e94e1e4f442b0c735c1cd6ed9bed52275c795db4faf115aa2c1
- SHA512
  
  a3b20f138b540f18ec7caadab752cecbe3b8bf9506fb80a949a01f0376375bc5fde7390d6ee50357ce9c70cd29e5af77ebf25c8e19804e86675a8251c7869c00
- SSDEEP
  
  12288:KvDUJxMPrQg5Z/+zrWAIAqWim/+zrWAI5KFukEyDucEQX:KvDUJx2rQg5ZmvFimm0HkEyDucEQX
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence