feaa8b97324b800bcaa364c4003e4690ff4dfeac51dd5b065c154602a3958ffa | Triage

Sharing

General

Target

feaa8b97324b800bcaa364c4003e4690ff4dfeac51dd5b065c154602a3958ffa.exe
Size

56KB
Sample

241122-rh4mjaxrhr
MD5

7024fa26b739a22fe5ecf4d3920ad0fd
SHA1

2cffabaed2a5008c2439a62e91700d5297391483
SHA256

feaa8b97324b800bcaa364c4003e4690ff4dfeac51dd5b065c154602a3958ffa
SHA512

c87740f512a0991eaa7df0cd9a308154d4ea546e7a6689c3aaed8f0498326265d46406d2e24ebfa994744a85dbb34a810e937738bb10958cd1582e6b88a29302
SSDEEP

1536:+FOLmmx2LMJkl26tk3R6IniSO+Zb2HLjEVcAVi:hmma0kHtk3R6g/aXqPVi

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  feaa8b97324b800bcaa364c4003e4690ff4dfeac51dd5b065c154602a3958ffa.exe
- Size
  
  56KB
- MD5
  
  7024fa26b739a22fe5ecf4d3920ad0fd
- SHA1
  
  2cffabaed2a5008c2439a62e91700d5297391483
- SHA256
  
  feaa8b97324b800bcaa364c4003e4690ff4dfeac51dd5b065c154602a3958ffa
- SHA512
  
  c87740f512a0991eaa7df0cd9a308154d4ea546e7a6689c3aaed8f0498326265d46406d2e24ebfa994744a85dbb34a810e937738bb10958cd1582e6b88a29302
- SSDEEP
  
  1536:+FOLmmx2LMJkl26tk3R6IniSO+Zb2HLjEVcAVi:hmma0kHtk3R6g/aXqPVi
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence