19edf4d6800f59e925f5a41f4d209848b1008e9a5b483f92a01d0ac7433ff978 | Triage

Sharing

General

Target

19edf4d6800f59e925f5a41f4d209848b1008e9a5b483f92a01d0ac7433ff978
Size

340KB
Sample

240912-ybw3fa1dke
MD5

873eb14345bd0c2d269ecc6fb5fdb869
SHA1

5abe88bc34004a2bfa9f52792e065b456809fb91
SHA256

19edf4d6800f59e925f5a41f4d209848b1008e9a5b483f92a01d0ac7433ff978
SHA512

9021579e54bf41419c027904c35c2ded062d8a768d810fbe911e255f6911ca44d561c34da351fee60fdeace51ed22c0b8d87e609cffe1b6a2ec5cedc9907bae6
SSDEEP

6144:6QX6aCxsIyedZwlNPjLs+H8rtMsQBJyJyymeH:OvyGZwlNPjLYRMsXJvmeH

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  19edf4d6800f59e925f5a41f4d209848b1008e9a5b483f92a01d0ac7433ff978
- Size
  
  340KB
- MD5
  
  873eb14345bd0c2d269ecc6fb5fdb869
- SHA1
  
  5abe88bc34004a2bfa9f52792e065b456809fb91
- SHA256
  
  19edf4d6800f59e925f5a41f4d209848b1008e9a5b483f92a01d0ac7433ff978
- SHA512
  
  9021579e54bf41419c027904c35c2ded062d8a768d810fbe911e255f6911ca44d561c34da351fee60fdeace51ed22c0b8d87e609cffe1b6a2ec5cedc9907bae6
- SSDEEP
  
  6144:6QX6aCxsIyedZwlNPjLs+H8rtMsQBJyJyymeH:OvyGZwlNPjLYRMsXJvmeH
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence