33fe4104a45e6687f25df49fc08a396c3c21795526f348c7e5456c9cb59feb28 | Triage

Sharing

General

Target

33fe4104a45e6687f25df49fc08a396c3c21795526f348c7e5456c9cb59feb28N.exe
Size

188KB
Sample

241122-ww55qs1pbp
MD5

bc00617ce455e9680b5b23e3a0642490
SHA1

3428a8ddc85654afea8002b376ed6f6bf5f806ea
SHA256

33fe4104a45e6687f25df49fc08a396c3c21795526f348c7e5456c9cb59feb28
SHA512

60426f6474f506fbe00cdc06dd5adaed43dff5404c3b0e95b22ef557301a7f09a90e8325102c60ef671afdb3949b78655b5b17ea4caa18a62b9f92d3d036d1d9
SSDEEP

3072:/Yz87/rN5abZ1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSKrDco:/Yz8LrN8bZ1AelhEN4MujGJoSoDco

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  33fe4104a45e6687f25df49fc08a396c3c21795526f348c7e5456c9cb59feb28N.exe
- Size
  
  188KB
- MD5
  
  bc00617ce455e9680b5b23e3a0642490
- SHA1
  
  3428a8ddc85654afea8002b376ed6f6bf5f806ea
- SHA256
  
  33fe4104a45e6687f25df49fc08a396c3c21795526f348c7e5456c9cb59feb28
- SHA512
  
  60426f6474f506fbe00cdc06dd5adaed43dff5404c3b0e95b22ef557301a7f09a90e8325102c60ef671afdb3949b78655b5b17ea4caa18a62b9f92d3d036d1d9
- SSDEEP
  
  3072:/Yz87/rN5abZ1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSKrDco:/Yz8LrN8bZ1AelhEN4MujGJoSoDco
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence