d5e37ee4ac4a5d9b798a2d1e80177e67dcf1ea31f21674ed8a1e20851d52f382 | Triage

Resubmissions

06-02-2020 11:15

200206-yr9smta93e 8

06-02-2020 11:02

200206-3dy8j7a4kj 10

Sharing

General

Target

d5e37ee4ac4a5d9b798a2d1e80177e67dcf1ea31f21674ed8a1e20851d52f382
Size

376KB
Sample

200206-yr9smta93e
MD5

a521f2c76e2212feb810e6bc1d35995a
SHA1

e0bc61d4e38c30f86d7236b431db50e411e60c06
SHA256

d5e37ee4ac4a5d9b798a2d1e80177e67dcf1ea31f21674ed8a1e20851d52f382
SHA512

868ebdcb41453316f6dc6fa1344479df7b0f5807bebe4d17721d77ebacb8a7dc31f0e11f2cb9fcacd869fb2326b561ece3a5ad0999ba824e14255040f4ae8280

Score

8^/10

evasion persistence spreading trojan

Malware Config

Targets

- Target
  
  d5e37ee4ac4a5d9b798a2d1e80177e67dcf1ea31f21674ed8a1e20851d52f382
- Size
  
  376KB
- MD5
  
  a521f2c76e2212feb810e6bc1d35995a
- SHA1
  
  e0bc61d4e38c30f86d7236b431db50e411e60c06
- SHA256
  
  d5e37ee4ac4a5d9b798a2d1e80177e67dcf1ea31f21674ed8a1e20851d52f382
- SHA512
  
  868ebdcb41453316f6dc6fa1344479df7b0f5807bebe4d17721d77ebacb8a7dc31f0e11f2cb9fcacd869fb2326b561ece3a5ad0999ba824e14255040f4ae8280
Score

8^/10

persistence spreading trojan evasion
- Drops file in Drivers directory
- Modifies Windows Firewall
  evasion
- Drops startup file
- Drops autorun.inf file
  spreading trojan
- Drops file in System32 directory
- Modifies service
  persistence
task1

MITRE ATT&CK Enterprise v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

task1

persistencespreadingtrojanevasion