74247101ff4d5ec7d4bb9b719ceb2b3aa88adf9ab8d6b29c6e71a9aa01b585ee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74247101ff4d5ec7d4bb9b719ceb2b3aa88adf9ab8d6b29c6e71a9aa01b585ee
Size

23KB
Sample

220919-aacemsbgcn
MD5

d3216fc18c6cfd409641464ec3123c05
SHA1

b55117f26c1a27f5dcd1d9f6c932c266371da948
SHA256

74247101ff4d5ec7d4bb9b719ceb2b3aa88adf9ab8d6b29c6e71a9aa01b585ee
SHA512

cf233af828cd02c620ff3e658185627abd0603c522dbfb209a78ab78388c4321c5cd43dcbc3046fd5bd643d64715deb2c747453b710248013f9c0f87ba660fff
SSDEEP

384:cPyZNjtU2mzQBzR/l6PCdzgyujSmgEAhFoqq4zEin5Ei0s:syZ66LzxgvSmWhFrqYEinWi

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  74247101ff4d5ec7d4bb9b719ceb2b3aa88adf9ab8d6b29c6e71a9aa01b585ee
- Size
  
  23KB
- MD5
  
  d3216fc18c6cfd409641464ec3123c05
- SHA1
  
  b55117f26c1a27f5dcd1d9f6c932c266371da948
- SHA256
  
  74247101ff4d5ec7d4bb9b719ceb2b3aa88adf9ab8d6b29c6e71a9aa01b585ee
- SHA512
  
  cf233af828cd02c620ff3e658185627abd0603c522dbfb209a78ab78388c4321c5cd43dcbc3046fd5bd643d64715deb2c747453b710248013f9c0f87ba660fff
- SSDEEP
  
  384:cPyZNjtU2mzQBzR/l6PCdzgyujSmgEAhFoqq4zEin5Ei0s:syZ66LzxgvSmWhFrqYEinWi
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence