34ed049a431884739c3f04b135b0734c0c4ef34121db5abf8187062984141afb | Triage

Sharing

General

Target

program.exe
Size

79KB
Sample

241122-j3aaestjbm
MD5

b18ca9c57e8dd3b1298296aee0016b63
SHA1

1fb7ea70aae6cf869f348fb1dc610acdb3ad18da
SHA256

34ed049a431884739c3f04b135b0734c0c4ef34121db5abf8187062984141afb
SHA512

7cd907eba039d6d5c6f8b94436bd891ca91ae5835c5bdc089ef5251ac637cfe5fce506564a79752c0e689b20689e2c5582aa7253724f2727d8a3cb3dc7eb8dc8
SSDEEP

768:BMpQNwC3BEddsEqOt/hyJuQNwC3BEp+Rr799mH3:OeTce/U/hjeTqwc

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  program.exe
- Size
  
  79KB
- MD5
  
  b18ca9c57e8dd3b1298296aee0016b63
- SHA1
  
  1fb7ea70aae6cf869f348fb1dc610acdb3ad18da
- SHA256
  
  34ed049a431884739c3f04b135b0734c0c4ef34121db5abf8187062984141afb
- SHA512
  
  7cd907eba039d6d5c6f8b94436bd891ca91ae5835c5bdc089ef5251ac637cfe5fce506564a79752c0e689b20689e2c5582aa7253724f2727d8a3cb3dc7eb8dc8
- SSDEEP
  
  768:BMpQNwC3BEddsEqOt/hyJuQNwC3BEp+Rr799mH3:OeTce/U/hjeTqwc
Score

10^/10

discovery evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Disables RegEdit via registry modification
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Network Share Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion