2725fd24ec853c1724c27bfde996f93baf9f44c9c8f96b6e59708959694b6a3c | Triage

Sharing

General

Target

2725fd24ec853c1724c27bfde996f93baf9f44c9c8f96b6e59708959694b6a3c
Size

513KB
Sample

221123-lmx3nafb8x
MD5

54f50f9113735eda1abb252942a1e2a6
SHA1

59cfb1d4c66cae5e1f144c37ded3de5f150c89d0
SHA256

2725fd24ec853c1724c27bfde996f93baf9f44c9c8f96b6e59708959694b6a3c
SHA512

a9bd8c367471aae9e9696cb57866f4b5d7485e704d8cd62687b66613e7ec5a44322bcccce3756d7f9cff8f7e3b4c56aba7c6e8060eaefe0967250e2b40ef6124
SSDEEP

6144:eACT0ekq+7G40l/qDAqmglWGbl7sv6Q180p9wC4X:eACTR+76/jqPlWKsdXw

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  2725fd24ec853c1724c27bfde996f93baf9f44c9c8f96b6e59708959694b6a3c
- Size
  
  513KB
- MD5
  
  54f50f9113735eda1abb252942a1e2a6
- SHA1
  
  59cfb1d4c66cae5e1f144c37ded3de5f150c89d0
- SHA256
  
  2725fd24ec853c1724c27bfde996f93baf9f44c9c8f96b6e59708959694b6a3c
- SHA512
  
  a9bd8c367471aae9e9696cb57866f4b5d7485e704d8cd62687b66613e7ec5a44322bcccce3756d7f9cff8f7e3b4c56aba7c6e8060eaefe0967250e2b40ef6124
- SSDEEP
  
  6144:eACT0ekq+7G40l/qDAqmglWGbl7sv6Q180p9wC4X:eACTR+76/jqPlWKsdXw
Score

8^/10

evasion persistence
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2