ef45ff130b44afd2ed43d5a74fec5ebde21739277b8851b1d12854f9def6ac0f | Triage

Submit
Reports

Overview

overview

Static

static

3

ef45ff130b...0f.exe

windows7-x64

ef45ff130b...0f.exe

windows10-2004-x64

Sharing

General

Target

ef45ff130b44afd2ed43d5a74fec5ebde21739277b8851b1d12854f9def6ac0f
Size

94KB
Sample

240701-e17exsweja
MD5

b4b91ba83d2df0ae8dc6ff15a666e1b8
SHA1

60e9aa429d3dc3f7b9aa3f933c536eda9d24fa94
SHA256

ef45ff130b44afd2ed43d5a74fec5ebde21739277b8851b1d12854f9def6ac0f
SHA512

45a82e1b50ea62397f91bb1344879e038d36a2cc3faae29e4bab61c103e162e28c1e75d4c44c95ae4003cb7a0df0a49cc08721a83a2d8a81347546707bda96e2
SSDEEP

1536:KF4nlwlugnjWCaNYJPOWuB/fx+ASld6O2Lw2aIZTJ+7LhkiB0MPiKeEAgv:BnTfCwYJPOLHwASlYfaMU7uihJ5v

Score

10^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ef45ff130b44afd2ed43d5a74fec5ebde21739277b8851b1d12854f9def6ac0f.exe

Resource

win7-20231129-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

ef45ff130b44afd2ed43d5a74fec5ebde21739277b8851b1d12854f9def6ac0f.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  ef45ff130b44afd2ed43d5a74fec5ebde21739277b8851b1d12854f9def6ac0f
- Size
  
  94KB
- MD5
  
  b4b91ba83d2df0ae8dc6ff15a666e1b8
- SHA1
  
  60e9aa429d3dc3f7b9aa3f933c536eda9d24fa94
- SHA256
  
  ef45ff130b44afd2ed43d5a74fec5ebde21739277b8851b1d12854f9def6ac0f
- SHA512
  
  45a82e1b50ea62397f91bb1344879e038d36a2cc3faae29e4bab61c103e162e28c1e75d4c44c95ae4003cb7a0df0a49cc08721a83a2d8a81347546707bda96e2
- SSDEEP
  
  1536:KF4nlwlugnjWCaNYJPOWuB/fx+ASld6O2Lw2aIZTJ+7LhkiB0MPiKeEAgv:BnTfCwYJPOLHwASlYfaMU7uihJ5v
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy