63e1deee5b84fcc79803bda480e09d6a1eaaf88ece8afbeea4048aaceeeb519a | Triage

Sharing

General

Target

63e1deee5b84fcc79803bda480e09d6a1eaaf88ece8afbeea4048aaceeeb519a
Size

513KB
Sample

221004-cdme5agdal
MD5

3164d31a2054b3b907e1aa2a8c7645a0
SHA1

a041fd2624f41f0a80cd6eefba1f4fccf75f78da
SHA256

63e1deee5b84fcc79803bda480e09d6a1eaaf88ece8afbeea4048aaceeeb519a
SHA512

47c61b33401faf9d17614c9c205d34fe4e29fabbef876953d374161b641f6709093dd46f66331bab26c553946495759b87789e35b98cdae9b8bd2148a1bee5ca
SSDEEP

384:gPyZNjtU2myEgkfb3yHv37ofyAbtAiVFv1rj868uPkEab5zXtxAAMSj5p:wyZeDfuEfptRFX8FuPAhXtxxMSr

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  63e1deee5b84fcc79803bda480e09d6a1eaaf88ece8afbeea4048aaceeeb519a
- Size
  
  513KB
- MD5
  
  3164d31a2054b3b907e1aa2a8c7645a0
- SHA1
  
  a041fd2624f41f0a80cd6eefba1f4fccf75f78da
- SHA256
  
  63e1deee5b84fcc79803bda480e09d6a1eaaf88ece8afbeea4048aaceeeb519a
- SHA512
  
  47c61b33401faf9d17614c9c205d34fe4e29fabbef876953d374161b641f6709093dd46f66331bab26c553946495759b87789e35b98cdae9b8bd2148a1bee5ca
- SSDEEP
  
  384:gPyZNjtU2myEgkfb3yHv37ofyAbtAiVFv1rj868uPkEab5zXtxAAMSj5p:wyZeDfuEfptRFX8FuPAhXtxxMSr
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence