db70fd132b9eb59e94c123589b64665cd0446586da7243d84b7271638be08193 | Triage

Sharing

General

Target

db70fd132b9eb59e94c123589b64665cd0446586da7243d84b7271638be08193
Size

43KB
Sample

221003-qlz8vahab9
MD5

6913fd0b7cf42c6bc466d52575d1d1f0
SHA1

637b805c072ba3a974e77fc8cf19ec1ad88298ca
SHA256

db70fd132b9eb59e94c123589b64665cd0446586da7243d84b7271638be08193
SHA512

d28c3ed694aaa5c07577fe78219a42cdfd4110591c7845c2aa003cecc2d556015a26f6e7052c30d99a125e4ade64437ab52783ff5eb8819a3111e700db2d8e5e
SSDEEP

768:u5DZ2Sai733ZL4OsPDsJOrvNQ3wzbYYiUCb6BJZObQC73m9BaNV9kAVy+6f/heT2:ji18OysUQpYiUCb9Z3dggy+9

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  db70fd132b9eb59e94c123589b64665cd0446586da7243d84b7271638be08193
- Size
  
  43KB
- MD5
  
  6913fd0b7cf42c6bc466d52575d1d1f0
- SHA1
  
  637b805c072ba3a974e77fc8cf19ec1ad88298ca
- SHA256
  
  db70fd132b9eb59e94c123589b64665cd0446586da7243d84b7271638be08193
- SHA512
  
  d28c3ed694aaa5c07577fe78219a42cdfd4110591c7845c2aa003cecc2d556015a26f6e7052c30d99a125e4ade64437ab52783ff5eb8819a3111e700db2d8e5e
- SSDEEP
  
  768:u5DZ2Sai733ZL4OsPDsJOrvNQ3wzbYYiUCb6BJZObQC73m9BaNV9kAVy+6f/heT2:ji18OysUQpYiUCb9Z3dggy+9
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence