d4d0922d997d31de99018b9a621b65e285816271294f4fddb08983418689c752 | Triage

Sharing

General

Target

d4d0922d997d31de99018b9a621b65e285816271294f4fddb08983418689c752.exe
Size

470KB
Sample

241130-fqjrjstndz
MD5

0f21987801e0364cb4dc5201a8a969ff
SHA1

3fa40fbc5cfdc8b2db89b65993c3abb3f6382fe5
SHA256

d4d0922d997d31de99018b9a621b65e285816271294f4fddb08983418689c752
SHA512

20b0faa2d9d18194d95029a9306842c3eb7d411c9cbc6e40877c4c28a5f7c99d904abd04c1baca24cc46a3b909c401265fa63b23d4cd7f18a33b606650f2e703
SSDEEP

12288:fWn/Qc8QVj94nLiFzN3b7CUq1u2ztB1XQKTQInqyS6Rm6TIJ3l7DurTG9c8QVj94:S4q

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  d4d0922d997d31de99018b9a621b65e285816271294f4fddb08983418689c752.exe
- Size
  
  470KB
- MD5
  
  0f21987801e0364cb4dc5201a8a969ff
- SHA1
  
  3fa40fbc5cfdc8b2db89b65993c3abb3f6382fe5
- SHA256
  
  d4d0922d997d31de99018b9a621b65e285816271294f4fddb08983418689c752
- SHA512
  
  20b0faa2d9d18194d95029a9306842c3eb7d411c9cbc6e40877c4c28a5f7c99d904abd04c1baca24cc46a3b909c401265fa63b23d4cd7f18a33b606650f2e703
- SSDEEP
  
  12288:fWn/Qc8QVj94nLiFzN3b7CUq1u2ztB1XQKTQInqyS6Rm6TIJ3l7DurTG9c8QVj94:S4q
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence