db397939f7ca5404e79038a419b86cc68f1f10ddce379a397533f21009e6a859 | Triage

Sharing

General

Target

db397939f7ca5404e79038a419b86cc68f1f10ddce379a397533f21009e6a859N.exe
Size

320KB
Sample

241122-xfhj6swmdy
MD5

d59318aa096b66f8a4da713e5b0c4bc0
SHA1

45b69c53a36c42f78d13bac51570273af8d0172b
SHA256

db397939f7ca5404e79038a419b86cc68f1f10ddce379a397533f21009e6a859
SHA512

596cbc9e28d08619ee25692dbbab7c6354b543702c337885123877689d19089bfdae95698ed73dbd464a3c39f2555eeab4badadff25c08e2e9ade5d3bcb3e442
SSDEEP

6144:gDBgh1OynXkgev52vGC+UUrtDyB8LoedCFJ369BJ369vpui6yYPaIGckvNP8:oBgPOS0Dx2uC+UKtyWUedCv2EpV6yYPZ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  db397939f7ca5404e79038a419b86cc68f1f10ddce379a397533f21009e6a859N.exe
- Size
  
  320KB
- MD5
  
  d59318aa096b66f8a4da713e5b0c4bc0
- SHA1
  
  45b69c53a36c42f78d13bac51570273af8d0172b
- SHA256
  
  db397939f7ca5404e79038a419b86cc68f1f10ddce379a397533f21009e6a859
- SHA512
  
  596cbc9e28d08619ee25692dbbab7c6354b543702c337885123877689d19089bfdae95698ed73dbd464a3c39f2555eeab4badadff25c08e2e9ade5d3bcb3e442
- SSDEEP
  
  6144:gDBgh1OynXkgev52vGC+UUrtDyB8LoedCFJ369BJ369vpui6yYPaIGckvNP8:oBgPOS0Dx2uC+UKtyWUedCv2EpV6yYPZ
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence