General
-
Target
90e0a3d4ed5ee7aec2f0d92d49d10a2d19c14d4cc40837a2bb571f51b197104dN.exe
-
Size
350KB
-
Sample
250120-kxy72a1rdp
-
MD5
0a0abe93a1e81a9f553312f30bd6a510
-
SHA1
a5028f7ff492db37a3c9345cce8633647e230319
-
SHA256
90e0a3d4ed5ee7aec2f0d92d49d10a2d19c14d4cc40837a2bb571f51b197104d
-
SHA512
facc0562bfacd38205058393fc90f135627954ce9ab30ba3d94e3fb282afffefde645434f01575f8653deef634fa119512dbb6525f115932b57fd0234867b74e
-
SSDEEP
6144:HtKe6YiDdv3m3mgKHIP7bNIFlJYUvuc0jlgRBVI/bcHweNrLG:HtKe6Zv23Y31Juc0jKLBweNnG
Static task
static1
Behavioral task
behavioral1
Sample
90e0a3d4ed5ee7aec2f0d92d49d10a2d19c14d4cc40837a2bb571f51b197104dN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
90e0a3d4ed5ee7aec2f0d92d49d10a2d19c14d4cc40837a2bb571f51b197104dN.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
90e0a3d4ed5ee7aec2f0d92d49d10a2d19c14d4cc40837a2bb571f51b197104dN.exe
-
Score
8/10
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 2
Active Setup: 1
Registry Run Keys / Startup Folder: 1
Event Triggered Execution: 1
Change Default File Association: 1