fd9a11902b68b3939049c446ae7da436339716ac154e1cf12a5b6c7e99f3e49e | Triage

Sharing

General

Target

fd9a11902b68b3939049c446ae7da436339716ac154e1cf12a5b6c7e99f3e49e
Size

125KB
Sample

250218-j92cgszqv4
MD5

ef355b5f45d32410d652248a27fb8e9e
SHA1

693c8e1954ec26568af2e3b9cad95d6d17fbd67d
SHA256

fd9a11902b68b3939049c446ae7da436339716ac154e1cf12a5b6c7e99f3e49e
SHA512

aadeaa218807ac7f9d33460a5af8fe37e65cad10506d810e382de79095cf3e2321eefe07eb15045b45e5515264d0ffa06c5b6dd8e01cd49c4ce2d9309753c516
SSDEEP

3072:/TvmheePJj6xGAcvx1WdTCn93OGey/ZhJakrPF:/yhJAcCTCndOGeKTaG

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  fd9a11902b68b3939049c446ae7da436339716ac154e1cf12a5b6c7e99f3e49e
- Size
  
  125KB
- MD5
  
  ef355b5f45d32410d652248a27fb8e9e
- SHA1
  
  693c8e1954ec26568af2e3b9cad95d6d17fbd67d
- SHA256
  
  fd9a11902b68b3939049c446ae7da436339716ac154e1cf12a5b6c7e99f3e49e
- SHA512
  
  aadeaa218807ac7f9d33460a5af8fe37e65cad10506d810e382de79095cf3e2321eefe07eb15045b45e5515264d0ffa06c5b6dd8e01cd49c4ce2d9309753c516
- SSDEEP
  
  3072:/TvmheePJj6xGAcvx1WdTCn93OGey/ZhJakrPF:/yhJAcCTCndOGeKTaG
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence