259bb2e9caf32ad6028b2948d50c10b2892bbf2fffb6c12b170a893cb459a538 | Triage

Sharing

General

Target

259bb2e9caf32ad6028b2948d50c10b2892bbf2fffb6c12b170a893cb459a538
Size

192KB
Sample

240828-ys3asatbpd
MD5

00beadd1b3ddaa341d95fa7b88681d97
SHA1

105a8d1da842f89068f86f0279a7a5bdfdaee5fc
SHA256

259bb2e9caf32ad6028b2948d50c10b2892bbf2fffb6c12b170a893cb459a538
SHA512

e65a6857a3e85d270c1e35e587921c03bc07c16d88c38f5a446295e14c9e5facb7bdff7fd4877a6adb5b064fe822df0662937df8d6cb801a3012fffd89ce6e92
SSDEEP

3072:3sq6h0T+fr/CcE8Dl2B1xdLm102VZjuajDMyap9jCyFsWtex:cU+fracnl2B1xBm102VQltex

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  259bb2e9caf32ad6028b2948d50c10b2892bbf2fffb6c12b170a893cb459a538
- Size
  
  192KB
- MD5
  
  00beadd1b3ddaa341d95fa7b88681d97
- SHA1
  
  105a8d1da842f89068f86f0279a7a5bdfdaee5fc
- SHA256
  
  259bb2e9caf32ad6028b2948d50c10b2892bbf2fffb6c12b170a893cb459a538
- SHA512
  
  e65a6857a3e85d270c1e35e587921c03bc07c16d88c38f5a446295e14c9e5facb7bdff7fd4877a6adb5b064fe822df0662937df8d6cb801a3012fffd89ce6e92
- SSDEEP
  
  3072:3sq6h0T+fr/CcE8Dl2B1xdLm102VZjuajDMyap9jCyFsWtex:cU+fracnl2B1xBm102VQltex
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence