2682f23ed5cecfb3c44883824f811ce1cb62e5baee35c1f4639ef0f5ea958fd2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2682f23ed5cecfb3c44883824f811ce1cb62e5baee35c1f4639ef0f5ea958fd2
Size

128KB
Sample

240526-yplhvsah99
MD5

96e48e26ddbe27eb9730302b5f0b1134
SHA1

2fc4141e06b844783ec8df238d0a9c0eac743451
SHA256

2682f23ed5cecfb3c44883824f811ce1cb62e5baee35c1f4639ef0f5ea958fd2
SHA512

a7bd9ce7a7826a7941d0e4160c5cb5900b7b6c885bdb95b1060ace8af7118e7712cfdac69a0ef233fc59d76fe4a205ed5472fefad85c7bad695ad076b394077f
SSDEEP

3072:h/g5f4nYV7qEGG32/BhHmiImXJ2fYdV46nfPyxWhj8NCM/r:hIf4nYVW5s4BhHmNEcYj9nhV8NCU

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  2682f23ed5cecfb3c44883824f811ce1cb62e5baee35c1f4639ef0f5ea958fd2
- Size
  
  128KB
- MD5
  
  96e48e26ddbe27eb9730302b5f0b1134
- SHA1
  
  2fc4141e06b844783ec8df238d0a9c0eac743451
- SHA256
  
  2682f23ed5cecfb3c44883824f811ce1cb62e5baee35c1f4639ef0f5ea958fd2
- SHA512
  
  a7bd9ce7a7826a7941d0e4160c5cb5900b7b6c885bdb95b1060ace8af7118e7712cfdac69a0ef233fc59d76fe4a205ed5472fefad85c7bad695ad076b394077f
- SSDEEP
  
  3072:h/g5f4nYV7qEGG32/BhHmiImXJ2fYdV46nfPyxWhj8NCM/r:hIf4nYVW5s4BhHmNEcYj9nhV8NCU
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2