1f576460e01eb97cfe1f939a4486d9d864d624641eb0919a9ce65db779a00e5d | Triage

Sharing

General

Target

1f576460e01eb97cfe1f939a4486d9d864d624641eb0919a9ce65db779a00e5d
Size

582KB
Sample

240515-ymzygaha6w
MD5

12355e029dc679b994ed0d76f96f8723
SHA1

581ad4fd9a49cdb39d29cb69b125d529b8f3dce1
SHA256

1f576460e01eb97cfe1f939a4486d9d864d624641eb0919a9ce65db779a00e5d
SHA512

c8a6314a021ef60a78371c8afc160862bb016253e6e8f8ff38a71ba4796e912b89a88e8fd4c8c0bf6c25751917b084a84bf4417676568abb889f2a2a0fe18305
SSDEEP

12288:NPxlZYNrekcPYNrq6+gmCAYNrekcPYNrB:NPxakaF+gqakad

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  1f576460e01eb97cfe1f939a4486d9d864d624641eb0919a9ce65db779a00e5d
- Size
  
  582KB
- MD5
  
  12355e029dc679b994ed0d76f96f8723
- SHA1
  
  581ad4fd9a49cdb39d29cb69b125d529b8f3dce1
- SHA256
  
  1f576460e01eb97cfe1f939a4486d9d864d624641eb0919a9ce65db779a00e5d
- SHA512
  
  c8a6314a021ef60a78371c8afc160862bb016253e6e8f8ff38a71ba4796e912b89a88e8fd4c8c0bf6c25751917b084a84bf4417676568abb889f2a2a0fe18305
- SSDEEP
  
  12288:NPxlZYNrekcPYNrq6+gmCAYNrekcPYNrB:NPxakaF+gqakad
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2