25cea4dba3426a4019e8aa9466cb0ae4fac99893bdf81a86a2044e73ac656c39 | Triage

Sharing

General

Target

25cea4dba3426a4019e8aa9466cb0ae4fac99893bdf81a86a2044e73ac656c39
Size

192KB
Sample

240528-ybyk9shd21
MD5

18a77bf2152fbdb9edfb0ecebfc97e4c
SHA1

95fe2b2297bd1e8ff32d94d2377c17d9681a0ec8
SHA256

25cea4dba3426a4019e8aa9466cb0ae4fac99893bdf81a86a2044e73ac656c39
SHA512

36438799210e4cb752ac5ec1a78bed0a58f9c9e73e08955b94281083565eb19f40196863cfba7d304ae19532730513aa9927a7d00adf795666e02320d43ad3e7
SSDEEP

3072:EIdYMmHPtcykrfKbKbQmj6+JB8M6m9jqLsFmsdYXmLlcJVIZen+Vcv2JBwwRBkBf:EIdlmvtc6mj6MB8MhjwszeXmr8SeT

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  25cea4dba3426a4019e8aa9466cb0ae4fac99893bdf81a86a2044e73ac656c39
- Size
  
  192KB
- MD5
  
  18a77bf2152fbdb9edfb0ecebfc97e4c
- SHA1
  
  95fe2b2297bd1e8ff32d94d2377c17d9681a0ec8
- SHA256
  
  25cea4dba3426a4019e8aa9466cb0ae4fac99893bdf81a86a2044e73ac656c39
- SHA512
  
  36438799210e4cb752ac5ec1a78bed0a58f9c9e73e08955b94281083565eb19f40196863cfba7d304ae19532730513aa9927a7d00adf795666e02320d43ad3e7
- SSDEEP
  
  3072:EIdYMmHPtcykrfKbKbQmj6+JB8M6m9jqLsFmsdYXmLlcJVIZen+Vcv2JBwwRBkBf:EIdlmvtc6mj6MB8MhjwszeXmr8SeT
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2