27f298b91a388b41412189131e7a06c1a688a2cd0ee7b0fb6222d435097d3ef5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

539140c75b50c6c88a97b38dde00d935
Size

172KB
Sample

231226-exvlyseaf5
MD5

539140c75b50c6c88a97b38dde00d935
SHA1

3ea007265af53b5fb4dc0ceba6b8ddcb9ef9eac9
SHA256

27f298b91a388b41412189131e7a06c1a688a2cd0ee7b0fb6222d435097d3ef5
SHA512

131c009bbeec5df2d24f81c5e9ad7affdb5aa5c66c1ca287568bdc37614baa8ea8d4912aca6def8d4b71ff4cfe0ebbe8d54f8d9381e8da0dc6cbdedf3331dae0
SSDEEP

3072:iChDLsNgqtmy3muDOqkVfbX936NDoZq4rvKtGTV:hDLsNg7y3muDOqkpbX937Zq4ryY

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  539140c75b50c6c88a97b38dde00d935
- Size
  
  172KB
- MD5
  
  539140c75b50c6c88a97b38dde00d935
- SHA1
  
  3ea007265af53b5fb4dc0ceba6b8ddcb9ef9eac9
- SHA256
  
  27f298b91a388b41412189131e7a06c1a688a2cd0ee7b0fb6222d435097d3ef5
- SHA512
  
  131c009bbeec5df2d24f81c5e9ad7affdb5aa5c66c1ca287568bdc37614baa8ea8d4912aca6def8d4b71ff4cfe0ebbe8d54f8d9381e8da0dc6cbdedf3331dae0
- SSDEEP
  
  3072:iChDLsNgqtmy3muDOqkVfbX936NDoZq4rvKtGTV:hDLsNg7y3muDOqkpbX937Zq4ryY
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2