437d029c94e2205e489bb91a5be6ee92cd5bf17c05f1575cc9977ad5307a4385 | Triage

Sharing

General

Target

437d029c94e2205e489bb91a5be6ee92cd5bf17c05f1575cc9977ad5307a4385
Size

84KB
Sample

240920-yecszathph
MD5

ef263047e6e9e05bec257e0d24e2b88b
SHA1

c9e62c84ca112e271f90dbd32465211ba99c568c
SHA256

437d029c94e2205e489bb91a5be6ee92cd5bf17c05f1575cc9977ad5307a4385
SHA512

bec9568f8be70b4abea9a17d918eafa18a06d6ac5a669ee67a52c62e231158462cc3c818a3beca4cf8cc181884df8628e7fd0bbf3d6423fd552d6b72c7d0a475
SSDEEP

1536:El+0ldrh45b4tlRPfXmhUfNXSREXHfVPfMVwNKT1iqWUPGc4T7VLd:El+0TlOb6/mWfNCREXdXNKT1ntPG9pB

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  437d029c94e2205e489bb91a5be6ee92cd5bf17c05f1575cc9977ad5307a4385
- Size
  
  84KB
- MD5
  
  ef263047e6e9e05bec257e0d24e2b88b
- SHA1
  
  c9e62c84ca112e271f90dbd32465211ba99c568c
- SHA256
  
  437d029c94e2205e489bb91a5be6ee92cd5bf17c05f1575cc9977ad5307a4385
- SHA512
  
  bec9568f8be70b4abea9a17d918eafa18a06d6ac5a669ee67a52c62e231158462cc3c818a3beca4cf8cc181884df8628e7fd0bbf3d6423fd552d6b72c7d0a475
- SSDEEP
  
  1536:El+0ldrh45b4tlRPfXmhUfNXSREXHfVPfMVwNKT1iqWUPGc4T7VLd:El+0TlOb6/mWfNCREXdXNKT1ntPG9pB
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence