5ad0140b342166a7094794f878bd271cb48567149b91119c0bc2ebabb6399f07 | Triage

Sharing

General

Target

5ad0140b342166a7094794f878bd271cb48567149b91119c0bc2ebabb6399f07
Size

2.2MB
Sample

220830-maal9sfden
MD5

d5dfb8447ced11274942ace31b4279d8
SHA1

5a1b36ef9db72321b3d075712a8888bd921a472c
SHA256

5ad0140b342166a7094794f878bd271cb48567149b91119c0bc2ebabb6399f07
SHA512

92db93c843cbff0cc8d0ea4d5503be85c1a52986b5a89041680d8c287bbf06715c1019e0065b364f4fda1dcf94891366c7c74791f3269704b4100b21a0de9fde
SSDEEP

49152:NZMzod1k0XlJTfu7lCwMBLEUGu20S2hnnRYKiPCZYj8bkN2P:N2C1k+bMlCwWl2qhnnRYKECZYI44

Score

10^/10

discovery evasion exploit

Malware Config

Targets

- Target
  
  5ad0140b342166a7094794f878bd271cb48567149b91119c0bc2ebabb6399f07
- Size
  
  2.2MB
- MD5
  
  d5dfb8447ced11274942ace31b4279d8
- SHA1
  
  5a1b36ef9db72321b3d075712a8888bd921a472c
- SHA256
  
  5ad0140b342166a7094794f878bd271cb48567149b91119c0bc2ebabb6399f07
- SHA512
  
  92db93c843cbff0cc8d0ea4d5503be85c1a52986b5a89041680d8c287bbf06715c1019e0065b364f4fda1dcf94891366c7c74791f3269704b4100b21a0de9fde
- SSDEEP
  
  49152:NZMzod1k0XlJTfu7lCwMBLEUGu20S2hnnRYKiPCZYj8bkN2P:N2C1k+bMlCwWl2qhnnRYKECZYI44
Score

10^/10

discovery evasion exploit
- Modifies security service
  evasion
- Drops file in Drivers directory
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- Stops running service(s)
  evasion
- Deletes itself
- Loads dropped DLL
- Modifies file permissions
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Modify Existing Service

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Impair Defenses

File Permissions Modification

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionexploit

behavioral2

discoveryevasionexploit