885d5ff3a1e0eb3dd4c63171e21a6719b6438292ee9c9d35126f321e37a1034a | Triage

Sharing

General

Target

885d5ff3a1e0eb3dd4c63171e21a6719b6438292ee9c9d35126f321e37a1034a
Size

391KB
Sample

241122-b4hzys1qct
MD5

e01ea6fb7af629fc1e674e14b80a169b
SHA1

bf030a9fe73630a68e15a610f7bb3aa3ce0bedf8
SHA256

885d5ff3a1e0eb3dd4c63171e21a6719b6438292ee9c9d35126f321e37a1034a
SHA512

a1dd21da99cb4a9392fa258b21f4b7c81551be718108fafe9f80038a7701833d102326a14e394c5a8cb30de2bc90ebeebad30f7cda6513a052b5447ac866fb49
SSDEEP

6144:SKAS08WMJNgh+pTaAfbAfNtTAfMAfFAfNPUmKyIxLfYeOO9UmKyIxL4:B08WE4QmNtuhUNP3cOK3b

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  885d5ff3a1e0eb3dd4c63171e21a6719b6438292ee9c9d35126f321e37a1034a
- Size
  
  391KB
- MD5
  
  e01ea6fb7af629fc1e674e14b80a169b
- SHA1
  
  bf030a9fe73630a68e15a610f7bb3aa3ce0bedf8
- SHA256
  
  885d5ff3a1e0eb3dd4c63171e21a6719b6438292ee9c9d35126f321e37a1034a
- SHA512
  
  a1dd21da99cb4a9392fa258b21f4b7c81551be718108fafe9f80038a7701833d102326a14e394c5a8cb30de2bc90ebeebad30f7cda6513a052b5447ac866fb49
- SSDEEP
  
  6144:SKAS08WMJNgh+pTaAfbAfNtTAfMAfFAfNPUmKyIxLfYeOO9UmKyIxL4:B08WE4QmNtuhUNP3cOK3b
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence