e36a2257035f6cf81bc898fcc51f71166f681fe584bddf5380fbcd1dca583349 | Triage

Sharing

General

Target

e36a2257035f6cf81bc898fcc51f71166f681fe584bddf5380fbcd1dca583349
Size

528KB
Sample

221011-g81cpaaddn
MD5

2c01bfaae19e3ca6e91382b9a0271c75
SHA1

640d1535c6816cfc098964cecd1ab36567b3fe0a
SHA256

e36a2257035f6cf81bc898fcc51f71166f681fe584bddf5380fbcd1dca583349
SHA512

b2d7a533f2ad0372bcc3c1443377721110bff8e23a6d2266d693a9fc4c1e41b805fdafeb32701f1eb261564a750e2ebe15b47a745e394178222a1311f4eeb853
SSDEEP

12288:O1T9O/qYv8/iWlq0bZBZsI+oG1KsFXyeIeoU7:Ak0bNs9FtyeI+7

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  e36a2257035f6cf81bc898fcc51f71166f681fe584bddf5380fbcd1dca583349
- Size
  
  528KB
- MD5
  
  2c01bfaae19e3ca6e91382b9a0271c75
- SHA1
  
  640d1535c6816cfc098964cecd1ab36567b3fe0a
- SHA256
  
  e36a2257035f6cf81bc898fcc51f71166f681fe584bddf5380fbcd1dca583349
- SHA512
  
  b2d7a533f2ad0372bcc3c1443377721110bff8e23a6d2266d693a9fc4c1e41b805fdafeb32701f1eb261564a750e2ebe15b47a745e394178222a1311f4eeb853
- SSDEEP
  
  12288:O1T9O/qYv8/iWlq0bZBZsI+oG1KsFXyeIeoU7:Ak0bNs9FtyeI+7
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Adds policy Run key to start application
  persistence
- Modifies Installed Components in the registry
  persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence